[Emerging-updates] Daily Ruleset Update Summary 2020/12/22

Jason Taylor jastaylor at emergingthreats.net
Tue Dec 22 13:23:18 HST 2020


[***]            Summary:            [***]

4 new OPEN, 38 new PRO (4 + 34). PhantomNet/Smanager, Various Android,
Babylon RAT, Various Phish.

There are continued ruleset optimizations being made for the Suricata
5. Consequently some days will have a larger than normal number of
modified rules.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2014154 - ET INFO PDF Containing Subform with JavaScript (info.rules)
  2031446 - ET TROJAN Smanager CnC Domain in DNS Lookup (trojan.rules)
  2031447 - ET TROJAN Smanager CnC Domain in DNS Lookup (trojan.rules)
  2031448 - ET TROJAN Observed Malicious SSL Cert (PhantomNet/Smanager
CnC) (trojan.rules)

Pro:

  2846206 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Piom.aehq Checkin
(mobile_malware.rules)
  2846207 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Agent.er Checkin
(mobile_malware.rules)
  2846208 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Cerberus
Update Socks CMD (mobile_malware.rules)
  2846209 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.rb
Checkin (mobile_malware.rules)
  2846210 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.rb
Checkin 2 (mobile_malware.rules)
  2846211 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.rb
Checkin 3 (mobile_malware.rules)
  2846212 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.rb
Checkin 4 (mobile_malware.rules)
  2846213 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Lockerpin Checkin
(mobile_malware.rules)
  2846214 - ETPRO TROJAN Win32/Babylon RAT CnC Activity (trojan.rules)
  2846215 - ETPRO TROJAN Growtopia Save.Stealer Activity (trojan.rules)
  2846216 - ETPRO TROJAN Win32/Unk.GoAPT Backdoor Activity (trojan.rules)
  2846217 - ETPRO TROJAN Win32/Unk.GoAPT Backdoor Requesting Command
(trojan.rules)
  2846218 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-12-22 (current_events.rules)
  2846219 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-12-22
(current_events.rules)
  2846220 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-12-22 (current_events.rules)
  2846221 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 1) (trojan.rules)
  2846222 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 2) (trojan.rules)
  2846223 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 3) (trojan.rules)
  2846224 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 4) (trojan.rules)
  2846225 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 5) (trojan.rules)
  2846226 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 6) (trojan.rules)
  2846227 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 7) (trojan.rules)
  2846228 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-12-22 8) (trojan.rules)
  2846229 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish
2020-12-22 (current_events.rules)
  2846230 - ETPRO CURRENT_EVENTS Successful ASB Bank Phish 2020-12-22
(current_events.rules)
  2846231 - ETPRO CURRENT_EVENTS Successful Generic Email Protection
Phish 2020-12-22 (current_events.rules)
  2846232 - ETPRO CURRENT_EVENTS Successful Adobe Online Phish
2020-12-22 (current_events.rules)
  2846233 - ETPRO CURRENT_EVENTS Successful My EE Phish 2020-12-22
(current_events.rules)
  2846234 - ETPRO TROJAN Observed Malicious SSL Cert
(Trojan-Ransom.Win32.Blocker.msyd) (trojan.rules)
  2846235 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.msyd CnC Activity
(trojan.rules)
  2846236 - ETPRO TROJAN Observed BazaLoader Domain in TLS SNI (trojan.rules)
  2846237 - ETPRO TROJAN Observed BazaLoader Domain in TLS SNI (trojan.rules)
  2846238 - ETPRO TROJAN Observed BazaLoader Domain in TLS SNI (trojan.rules)
  2846239 - ETPRO TROJAN BazaLoader CnC Activity (trojan.rules)

[///]     Modified active rules:     [///]

  2013423 - ET TROJAN User-Agent in Referer Field - Likely Malware
(trojan.rules)
  2015674 - ET INFO 3XX redirect to data URL (info.rules)
  2019138 - ET TROJAN Win32/Poweliks GET Request (trojan.rules)
  2020203 - ET TROJAN Win32/Zeprox.B Checkin (trojan.rules)
  2020491 - ET TROJAN Possible Bedep Connectivity Check (2) (trojan.rules)
  2021228 - ET TROJAN Poweliks Clickfraud CnC M3 (trojan.rules)
  2024008 - ET WEB_CLIENT Possible Phishing Redirect Feb 24 2017
(web_client.rules)
  2024016 - ET WEB_CLIENT Paypal Phishing Redirect M1 Feb 24 2017
(web_client.rules)
  2026515 - ET INFO Suspicious Redirect to Download EXE from Bitbucket
(info.rules)
  2029667 - ET CURRENT_EVENTS Successful Fedex/DHL Phish 2018-10-22
(current_events.rules)
  2031431 - ET TROJAN PhantomNet/Smanager CnC Domain in DNS Lookup
(vgca.homeunix .org) (trojan.rules)
  2806128 - ETPRO MOBILE_MALWARE Android/SMSSend.G Checkin
(mobile_malware.rules)
  2806373 - ETPRO TROJAN Trojan-Dropper.Win32.Mudrop Checkin (trojan.rules)
  2806384 - ETPRO TROJAN Win32/Banker.AKW Checkin (trojan.rules)
  2806393 - ETPRO TROJAN Trojan.Siggen5.15498 Checkin (trojan.rules)
  2807825 - ETPRO MOBILE_MALWARE Android/Agent.BNO Checkin 2
(mobile_malware.rules)
  2808121 - ETPRO TROJAN Trojan.DownLoader9.62529 Checkin (trojan.rules)
  2808158 - ETPRO MOBILE_MALWARE RemoteAdmin.AndroidOS.Unfawa.a
Checkin (mobile_malware.rules)
  2808473 - ETPRO MOBILE_MALWARE Android/SmsSend.EI Checkin
(mobile_malware.rules)
  2808593 - ETPRO MOBILE_MALWARE Android/FakeTimer.A Checkin 2
(mobile_malware.rules)
  2809459 - ETPRO MOBILE_MALWARE Android/Adware.AirPush.J Checkin
(mobile_malware.rules)
  2809918 - ETPRO MOBILE_MALWARE Android SMSreg-XP Checkin
(mobile_malware.rules)
  2810004 - ETPRO MOBILE_MALWARE Android/Agent.DG Checkin (mobile_malware.rules)
  2812427 - ETPRO MOBILE_MALWARE Android/Agent.FC Checkin (mobile_malware.rules)
  2812953 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 3
(mobile_malware.rules)
  2812954 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 4
(mobile_malware.rules)
  2812955 - ETPRO MOBILE_MALWARE Android.Adware.Adwo.A Checkin 5
(mobile_malware.rules)
  2814865 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.xd Checkin
(mobile_malware.rules)
  2814930 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.a Checkin
14 (mobile_malware.rules)
  2815682 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FT Checkin
(mobile_malware.rules)
  2815683 - ETPRO MOBILE_MALWARE Android.Trojan.InfoStealer.FT Checkin
2 (mobile_malware.rules)
  2816636 - ETPRO TROJAN MSIL/JScriptDownloader Retrieving Payload
(trojan.rules)
  2816657 - ETPRO TROJAN Win32/TrojanDownloader.VB.QSL Variant Checkin
(trojan.rules)
  2816797 - ETPRO MOBILE_MALWARE Android/SMSreg.SP Checkin
(mobile_malware.rules)
  2819989 - ETPRO TROJAN APT.Rexpot Stage1 Variant CnC Beacon 2 (trojan.rules)
  2820365 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.bl Checkin
(mobile_malware.rules)
  2820787 - ETPRO TROJAN DiamondFox HTTP POST CnC Response (trojan.rules)
  2820835 - ETPRO INFO Suspicious Redirect to Recursive PHP - Possible
Phishing (info.rules)
  2822599 - ETPRO TROJAN Win32/CONFUCIUS_B External IP Check to CnC
(trojan.rules)
  2822647 - ETPRO CURRENT_EVENTS Successful Bank of America Phish Oct
14 2016 (current_events.rules)
  2823917 - ETPRO TROJAN APT.Rexpot Variant CnC Beacon (trojan.rules)
  2824624 - ETPRO TROJAN JS.Downloader.HLD CnC Reporting Dropped PE
(trojan.rules)
  2825002 - ETPRO CURRENT_EVENTS Successful My ADP Phish Feb 16 2017
(current_events.rules)
  2825115 - ETPRO CURRENT_EVENTS Successful Paypal Phish M1 Feb 23
2017 (current_events.rules)
  2827303 - ETPRO MOBILE_MALWARE Android.Trojan.Downloader.JP CnC
Beacon (mobile_malware.rules)
  2828146 - ETPRO CURRENT_EVENTS Successful Bank Username/Account
Number Phish Oct 04 2017 (current_events.rules)
  2828148 - ETPRO CURRENT_EVENTS Successful Bank Password/Credit Card
Number Phish Oct 04 2017 (current_events.rules)
  2828541 - ETPRO TROJAN Win32/Leviwa CnC Checkin (trojan.rules)
  2829454 - ETPRO CURRENT_EVENTS Successful Bank Username/Account
Number Phish 2018-01-26 (current_events.rules)
  2830503 - ETPRO CURRENT_EVENTS Successful Personalized Phish
2018-04-20 (current_events.rules)
  2830517 - ETPRO MOBILE_MALWARE Android Trojan-Spy EmSeven CnC Beacon
(mobile_malware.rules)
  2830731 - ETPRO TROJAN W32/JbossMiner Checkin (trojan.rules)
  2831447 - ETPRO MOBILE_MALWARE Android/Hiddad.OG Requesting APK
(mobile_malware.rules)
  2831448 - ETPRO MOBILE_MALWARE Android/Hiddad.OG Requesting APK 2
(mobile_malware.rules)
  2831449 - ETPRO MOBILE_MALWARE Android/Hiddad.OG Requesting APK 3
(mobile_malware.rules)
  2832590 - ETPRO CURRENT_EVENTS Successful Booking.com Phish
2018-09-13 M2 (current_events.rules)
  2832638 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Agent.fj
Checkin (mobile_malware.rules)
  2832692 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish
2018-09-19 (current_events.rules)
  2832896 - ETPRO CURRENT_EVENTS Successful Impots Gouv Phish
2018-10-01 (current_events.rules)
  2833132 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2018-10-16
(current_events.rules)
  2833193 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2018-10-18
(current_events.rules)
  2833291 - ETPRO CURRENT_EVENTS Successful Ebay Phish 2018-10-25
(current_events.rules)
  2833292 - ETPRO CURRENT_EVENTS Successful IDEX Cryptocurrency Phish
2018-10-22 (current_events.rules)
  2833379 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2018-10-31 (current_events.rules)
  2833462 - ETPRO CURRENT_EVENTS Successful Generic Mail Update Phish
2018-11-06 (current_events.rules)
  2833927 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2018-12-13
(current_events.rules)
  2833929 - ETPRO CURRENT_EVENTS Successful US Bank Phish 2018-12-13
(current_events.rules)
  2834182 - ETPRO CURRENT_EVENTS Possible Successful Generic Mailbox
Update Phish 2019-01-02 (current_events.rules)
  2834210 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-01-03
M1 (current_events.rules)
  2834211 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-01-03
M2 (current_events.rules)
  2834212 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-01-03
M3 (current_events.rules)
  2834285 - ETPRO CURRENT_EVENTS Successful Microsoft Account
Voicemail Phish 2019-01-08 (current_events.rules)
  2834344 - ETPRO CURRENT_EVENTS Successful AlaskaUSA Credit Union
Phish 2019-01-08 (current_events.rules)
  2834461 - ETPRO CURRENT_EVENTS Successful Microsoft Documentation
Phish 2019-01-18 (current_events.rules)
  2834477 - ETPRO CURRENT_EVENTS Successful Stripe Phish 2019-01-18
(current_events.rules)
  2834520 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish
2019-01-23 (current_events.rules)
  2834650 - ETPRO CURRENT_EVENTS Successful Microsoft Encrypted File
Phish 2019-01-30 (current_events.rules)
  2834711 - ETPRO CURRENT_EVENTS Successful Proximus Skynet Webmail
Phish 2019-02-04 (current_events.rules)
  2834787 - ETPRO CURRENT_EVENTS Successful ICS Phish 2019-02-07
(current_events.rules)
  2834833 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-02-11
(current_events.rules)
  2835054 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-02-26
(current_events.rules)
  2835055 - ETPRO CURRENT_EVENTS Successful SunTrust Bank Phish
2019-02-26 (current_events.rules)
  2835212 - ETPRO CURRENT_EVENTS Successful Exchange Email Settings
Phish 2019-03-06 (current_events.rules)
  2835238 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-03-07
(current_events.rules)
  2835276 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-03-11
(current_events.rules)
  2835278 - ETPRO CURRENT_EVENTS Successful Office 365 Phish
2019-03-11 (current_events.rules)
  2835479 - ETPRO MOBILE_MALWARE Android/Agent.BAS CnC Beacon
(mobile_malware.rules)
  2835709 - ETPRO CURRENT_EVENTS Successful Personalized Shipping
Phish 2019-03-11 (current_events.rules)
  2835869 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-04-15
(current_events.rules)
  2835993 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2018-04-22
(current_events.rules)
  2836090 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-04-26 (current_events.rules)
  2836166 - ETPRO CURRENT_EVENTS Successful Generic Step2 Phish
2019-04-30 (current_events.rules)
  2836194 - ETPRO CURRENT_EVENTS Successful Adobe Shared Document
Phish 2019-05-01 (current_events.rules)
  2836195 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-05-01 (current_events.rules)
  2836228 - ETPRO CURRENT_EVENTS Successful Snapchat Phish 2019-05-03
(current_events.rules)
  2836280 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-05-10
(current_events.rules)
  2836300 - ETPRO TROJAN MSIL/TekaCore Miner Checkin (trojan.rules)
  2836303 - ETPRO CURRENT_EVENTS Successful IRS Phish 2019-05-13
(current_events.rules)
  2836310 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-05-14
(current_events.rules)
  2836333 - ETPRO MOBILE_MALWARE Android-Trojan/Hidap.d6f5b CnC Beacon
(mobile_malware.rules)
  2836381 - ETPRO CURRENT_EVENTS Successful Vodafone Phish 2019-05-20
(current_events.rules)
  2836382 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-05-20 (current_events.rules)
  2836555 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish
2019-05-29 (current_events.rules)
  2836558 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-05-29
(current_events.rules)
  2836693 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.gn CnC
Beacon (mobile_malware.rules)
  2836728 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2019-06-07
(current_events.rules)
  2836874 - ETPRO CURRENT_EVENTS Successful Snapchat Phish 2019-06-17
(current_events.rules)
  2836877 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-06-17 (current_events.rules)
  2837150 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-07-01
(current_events.rules)
  2837346 - ETPRO CURRENT_EVENTS Successful SF Express Phish
2019-07-09 (current_events.rules)
  2837465 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-07-11
(current_events.rules)
  2837535 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-07-16
(current_events.rules)
  2837814 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-08-01
(current_events.rules)
  2837913 - ETPRO CURRENT_EVENTS Successful Spark Phish 2019-08-07
(current_events.rules)
  2838147 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2019-08-23
(current_events.rules)
  2838203 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2019-08-27
(current_events.rules)
  2838825 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-10-08
(current_events.rules)
  2839024 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-10-21
(current_events.rules)
  2839028 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-10-21
(current_events.rules)
  2839092 - ETPRO CURRENT_EVENTS Successful Generic Verify Email Phish
2019-10-23 (current_events.rules)
  2839110 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Anubis.p CnC
Beacon (mobile_malware.rules)
  2839258 - ETPRO CURRENT_EVENTS Successful Airbnb Phish 2019-11-06
(current_events.rules)
  2839261 - ETPRO CURRENT_EVENTS Successful Generic Multimail Phish
2019-11-06 (current_events.rules)
  2839270 - ETPRO CURRENT_EVENTS Successful Fio Banka Phish 2019-11-06
(current_events.rules)
  2839902 - ETPRO CURRENT_EVENTS Successful Generic Charles Schwab
Phish 2019-12-13 (current_events.rules)
  2840396 - ETPRO CURRENT_EVENTS Successful Excel Online Phish
2020-01-13 (current_events.rules)
  2840521 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2020-01-21
(current_events.rules)
  2840562 - ETPRO CURRENT_EVENTS Successful Spectrum Webmail Phish
2020-01-22 (current_events.rules)
  2840579 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-01-22
(current_events.rules)
  2840607 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2020-01-23 (current_events.rules)
  2840676 - ETPRO CURRENT_EVENTS Successful Maersk Phish 2020-01-27
(current_events.rules)
  2841030 - ETPRO CURRENT_EVENTS Successful Apple Phish 2020-02-13
(current_events.rules)
  2841199 - ETPRO CURRENT_EVENTS Successful Generic Mailbox Phish
2020-02-25 (current_events.rules)
  2841626 - ETPRO TROJAN W32/Winloud CnC Activity (trojan.rules)
  2843124 - ETPRO CURRENT_EVENTS Successful MyEE Phish 2020-06-22
(current_events.rules)
  2843679 - ETPRO CURRENT_EVENTS Suspicious Bitly Redirect to .dat
(current_events.rules)
  2843680 - ETPRO CURRENT_EVENTS Suspicious Bitly Redirect to .exe
(current_events.rules)
  2843681 - ETPRO CURRENT_EVENTS Suspicious Bitly Redirect to .dll
(current_events.rules)
  2843682 - ETPRO CURRENT_EVENTS Suspicious Bitly Redirect to .ps1
(current_events.rules)
  2843814 - ETPRO TROJAN Omega CnC Download Request (trojan.rules)
  2843815 - ETPRO TROJAN Omega CnC Request (trojan.rules)
  2844133 - ETPRO TROJAN DCRat Initial Checkin Server Response (trojan.rules)
  2844174 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-08-27
(current_events.rules)
  2844236 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2020-09-01 (current_events.rules)
  2844237 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2020-09-01 (current_events.rules)
  2844238 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2020-09-01 (current_events.rules)
  2844263 - ETPRO TROJAN Win32/TrojanDownloader.VB.QZK Variant CnC
Activity (trojan.rules)
  2844274 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-09-03
(current_events.rules)
  2844364 - ETPRO CURRENT_EVENTS Successful USAA Credential Phish
2020-09-10 (current_events.rules)
  2844518 - ETPRO CURRENT_EVENTS Successful Centurylink Phish
2020-09-18 (current_events.rules)
  2844539 - ETPRO CURRENT_EVENTS Possible Successful Amazon JP Phish
Redirect 2020-09-18 (current_events.rules)
  2844545 - ETPRO CURRENT_EVENTS Successful Protonmail Phish
2020-09-21 (current_events.rules)
  2844726 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-10-01
(current_events.rules)
  2845108 - ETPRO CURRENT_EVENTS Sucessful Generic Credential Phish
2020-10-22 (current_events.rules)
  2845137 - ETPRO CURRENT_EVENTS Successful Royal Bank of Canada Phish
2020-10-23 (current_events.rules)
  2845282 - ETPRO CURRENT_EVENTS Successful Virgin Mobile Phish
2020-11-02 (current_events.rules)
  2845340 - ETPRO CURRENT_EVENTS Successful ING Phish (NL) 2020-11-04
(current_events.rules)
  2845435 - ETPRO CURRENT_EVENTS Successful RBFCU Phish 2020-11-10
(current_events.rules)
  2845456 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-11-11
(current_events.rules)
  2845474 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2020-11-12 (current_events.rules)
  2845654 - ETPRO CURRENT_EVENTS Successful Instagram Credential Phish
2020-11-24 (current_events.rules)
  2845676 - ETPRO CURRENT_EVENTS Successful Instagram Credential Phish
2020-11-25 (current_events.rules)
  2845764 - ETPRO CURRENT_EVENTS Successful Citi Credential Phish
2020-12-02 (current_events.rules)
  2845797 - ETPRO CURRENT_EVENTS Successful Berkshire Bank Credential
Phish 2020-12-03 (current_events.rules)
  2845826 - ETPRO CURRENT_EVENTS Successful RBFCU Phish 2020-12-04
(current_events.rules)
  2845827 - ETPRO CURRENT_EVENTS Successful Bank of Montreal Phish
2020-12-04 (current_events.rules)
  2845840 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Piom.ly CnC
Beacon (mobile_malware.rules)
  2845912 - ETPRO CURRENT_EVENTS Successful T-Mobile Phish 2020-12-08
(current_events.rules)
  2845949 - ETPRO CURRENT_EVENTS Successful Google (NL) Phish
2020-12-09 (current_events.rules)
  2846024 - ETPRO CURRENT_EVENTS Successful Metrobank Credential Phish
2020-12-14 (current_events.rules)
  2846053 - ETPRO CURRENT_EVENTS Successful Primabanka Phish
2020-12-15 (current_events.rules)
  2846095 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-12-17
(current_events.rules)

[---]         Removed rules:         [---]

  2014154 - ET CURRENT_EVENTS DRIVEBY PDF Containing Subform with
JavaScript (current_events.rules)
  2846118 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddapp.cf (TLS SNI)
(mobile_malware.rules)
  2846137 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddapp.cf (TLS SNI)
2 (mobile_malware.rules)


More information about the Emerging-updates mailing list