[Emerging-updates] Daily Ruleset Update Summary 2019/11/07

Brandon Murphy bmurphy at emergingthreats.net
Thu Nov 7 13:59:46 HST 2019


[***]            Summary:            [***]

  8 new Open, 36 new Pro (8 + 28).  Fastloader, Keyboy, Android/Androluna,
Various Phishing.

  Suricata 5.0 Support blog:
https://www.proofpoint.com/us/corporate-blog/post/emerging-threats-announcing-support-suricata-50
  Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2028947 - ET USER_AGENTS Suspicious User-Agent (Random String) (user_agents.rules)
  2028948 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028949 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028950 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028951 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028952 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028953 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)
  2028954 - ET TROJAN Keyboy CN APT CnC Domain in DNS Lookup (trojan.rules)

Pro:

  2839281 - ETPRO MOBILE_MALWARE Android/Androluna Checkin (mobile_malware.rules)
  2839282 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.VYEU-2 Checkin (mobile_malware.rules)
  2839283 - ETPRO MOBILE_MALWARE Android.HiddenApp.E CnC Beacon (mobile_malware.rules)
  2839284 - ETPRO CURRENT_EVENTS Successful Microsoft Outlook Phish 2019-11-07 (current_events.rules)
  2839285 - ETPRO CURRENT_EVENTS Successful Navy Federal Credit Union Phish 2019-11-07 (current_events.rules)
  2839286 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-11-07 (current_events.rules)
  2839287 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-11-07 (current_events.rules)
  2839288 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-11-07 (current_events.rules)
  2839289 - ETPRO CURRENT_EVENTS Successful UBI Banca Phish 2019-11-07 (current_events.rules)
  2839290 - ETPRO CURRENT_EVENTS Successful Telekom / Tmobile Phish 2019-11-07 (current_events.rules)
  2839291 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-11-07 (current_events.rules)
  2839292 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-11-07 (current_events.rules)
  2839293 - ETPRO CURRENT_EVENTS Successful Spotify Credit Card Information Phish 2019-11-07 (current_events.rules)
  2839294 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-11-07 (current_events.rules)
  2839295 - ETPRO CURRENT_EVENTS Successful Maersk Phish 2019-11-07 (current_events.rules)
  2839296 - ETPRO CURRENT_EVENTS Successful Microsoft Sharepoint Phish 2019-11-07 (current_events.rules)
  2839297 - ETPRO CURRENT_EVENTS Successful Generic Mail Error Report Phish 2019-11-07 (current_events.rules)
  2839298 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-11-07 (current_events.rules)
  2839299 - ETPRO CURRENT_EVENTS Successful Airbnb Phish 2019-11-07 (current_events.rules)
  2839300 - ETPRO CURRENT_EVENTS Successful Desjardins Phish 2019-11-07 (current_events.rules)
  2839301 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-11-07 (current_events.rules)
  2839302 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-11-07 (current_events.rules)
  2839303 - ETPRO CURRENT_EVENTS Successful Banco BPM Phish 2019-11-07 (current_events.rules)
  2839304 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-11-07 (current_events.rules)
  2839305 - ETPRO TROJAN Fastloader CnC Checkin (trojan.rules)
  2839306 - ETPRO TROJAN Fastloader CnC Heartbeat (trojan.rules)
  2839307 - ETPRO TROJAN Fastloader CnC GetPath (trojan.rules)
  2839308 - ETPRO TROJAN Win32/Criakl Ransomware CnC Activity (trojan.rules)