[Emerging-updates] Daily Ruleset Update Summary 2019/09/30

Jason Williams jwilliams at emergingthreats.net
Tue Oct 1 14:29:31 HDT 2019


[***]            Summary:            [***]

  1 new Open, 38 new Pro (1 + 37).  Tobinload, Remcos RAT, BitcoinDNS,
Various Phish.

  Delayed rule email from yesterday. Please share issues, feedback, and
requests at https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Open:

  2028636 - ET EXPLOIT Possible EXIM DoS (CVE-2019-16928) (exploit.rules)

 Pro:

  2830177 - ETPRO POLICY Observed Suspicious SSL Cert (BitcoinDNS Resolver) (policy.rules)
  2838631 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-09-30) (current_events.rules)
  2838632 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-09-30 2) (current_events.rules)
  2838633 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-09-30 3) (current_events.rules)
  2838634 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-09-30 4) (current_events.rules)
  2838635 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-09-30 (current_events.rules)
  2838636 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-09-30 (current_events.rules)
  2838637 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-09-30 (current_events.rules)
  2838638 - ETPRO CURRENT_EVENTS Successful N26 Phish 2019-09-30 (current_events.rules)
  2838639 - ETPRO CURRENT_EVENTS Successful N26 Phish 2019-09-30 (current_events.rules)
  2838640 - ETPRO CURRENT_EVENTS Successful Target Phish 2019-09-30 (current_events.rules)
  2838641 - ETPRO CURRENT_EVENTS Successful Target Phish 2019-09-30 (current_events.rules)
  2838642 - ETPRO CURRENT_EVENTS Successful Suncorp Phish 2019-09-30 (current_events.rules)
  2838643 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-09-30 (current_events.rules)
  2838644 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-09-30 (current_events.rules)
  2838645 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-30 (current_events.rules)
  2838646 - ETPRO CURRENT_EVENTS Successful TD Bank Phish 2019-09-30 (current_events.rules)
  2838647 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-09-30 (current_events.rules)
  2838648 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-09-30 (current_events.rules)
  2838649 - ETPRO TROJAN Win32/Presenoker Requesting Batch File M3 (trojan.rules)
  2838650 - ETPRO TROJAN Win32/Presenoker Requesting Batch File M4 (trojan.rules)
  2838651 - ETPRO USER_AGENTS Win32/Presenoker UA Observed (user_agents.rules)
  2838652 - ETPRO USER_AGENTS Win32/Presenoker UA Observed (user_agents.rules)
  2838653 - ETPRO TROJAN Observed Malicious SSL Cert (LNK/Agent.DK CnC) (trojan.rules)
  2838655 - ETPRO POLICY BitcoinDNS Resolver Service Domain Observed in DNS Query (policy.rules)
  2838656 - ETPRO TROJAN Agent.DK CnC Domain Observed in DNS Query (trojan.rules)
  2838657 - ETPRO TROJAN Win32/Tobinload Submitting Proc List to CnC (trojan.rules)
  2838658 - ETPRO TROJAN Win32/Tobinload Submitting Stolen Data to CnC (trojan.rules)
  2838659 - ETPRO MALWARE Win32/Tobinload Submitting Compromised Saved Browser Logins to CnC (malware.rules)
  2838660 - ETPRO TROJAN Win32/Injector.DGXX Variant CnC Activity M1 (trojan.rules)
  2838661 - ETPRO TROJAN Win32/Injector.DGXX Variant CnC Activity M2 (trojan.rules)
  2838662 - ETPRO TROJAN Win32/Remcos RAT Checkin 184 (trojan.rules)
  2838663 - ETPRO TROJAN Win32/Remcos RAT Checkin 185 (trojan.rules)
  2838664 - ETPRO TROJAN Win32/Remcos RAT Checkin 186 (trojan.rules)
  2838665 - ETPRO TROJAN Win32/Remcos RAT Checkin 187 (trojan.rules)
  2838666 - ETPRO TROJAN Win32/Remcos RAT Checkin 188 (trojan.rules)