[Emerging-updates] Daily Ruleset Update Summary 2019/10/02

Jason Williams jwilliams at emergingthreats.net
Wed Oct 2 14:36:19 HDT 2019


[***]            Summary:            [***]

  5 new Open, 27 new Pro (5 + 22).  Phoenix Keylogger, Android Shedun,
FTCode, Various Phish.

  Thanks @P3pperP0tts

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Open:

  2028643 - ET TROJAN Win32/Phoenix Keylogger SMTP Exfil - Passwords (trojan.rules)
  2028644 - ET TROJAN Win32/Phoenix Keylogger Exfil via SMTP - Generic (trojan.rules)
  2028645 - ET TROJAN Win32/Phoenix Keylogger SMTP Exfil - Logs (trojan.rules)
  2028646 - ET TROJAN Win32/Phoenix Keylogger SMTP Exfil - Clipboard (trojan.rules)
  2028647 - ET TROJAN Win32/Phoenix Keylogger SMTP Exfil - Screenshot (trojan.rules)

 Pro:

  2838700 - ETPRO MOBILE_MALWARE Android Shedun CnC Beacon 2 (mobile_malware.rules)
  2838701 - ETPRO MOBILE_MALWARE Android Shedun CnC Beacon 3 (mobile_malware.rules)
  2838702 - ETPRO MOBILE_MALWARE Android Shedun CnC Beacon 4 (mobile_malware.rules)
  2838703 - ETPRO TROJAN Win32/FTCode Ransomware CnC Checkin (trojan.rules)
  2838704 - ETPRO TROJAN Win32/Almanahe.B Post-Infection Activity (trojan.rules)
  2838705 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-10-02 (current_events.rules)
  2838706 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-10-02 (current_events.rules)
  2838707 - ETPRO CURRENT_EVENTS Successful Active Mail Phish 2019-10-02 (current_events.rules)
  2838708 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-10-02 (current_events.rules)
  2838709 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-10-02 (current_events.rules)
  2838710 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-10-02 (current_events.rules)
  2838711 - ETPRO CURRENT_EVENTS Successful Target Phish 2019-10-02 (current_events.rules)
  2838712 - ETPRO CURRENT_EVENTS Successful Target Phish 2019-10-02 (current_events.rules)
  2838713 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-10-02 (current_events.rules)
  2838714 - ETPRO CURRENT_EVENTS Successful Generic Shared Document Phish 2019-10-02 (current_events.rules)
  2838715 - ETPRO CURRENT_EVENTS Successful US Bank Phish 2019-10-02 (current_events.rules)
  2838718 - ETPRO POLICY External IP Lookup Service Request Observed (policy.rules)
  2838719 - ETPRO POLICY External IP Lookup Service Response Observed (policy.rules)
  2838720 - ETPRO TROJAN Observed HTTP Request to High Volume Known Malicious Staging Domain (trojan.rules)
  2838721 - ETPRO TROJAN W32.Sarwent Variant Checkin -- connect (trojan.rules)
  2838722 - ETPRO TROJAN Observed Malicious SSL Cert (Ostap) (trojan.rules)