[Emerging-updates] Daily Ruleset Update Summary 2020/07/23

Brandon Murphy bmurphy at emergingthreats.net
Thu Jul 23 13:22:58 HDT 2020


[***]            Summary:            [***]

5 new OPEN, 17 new PRO (5 + 12).  Cisco ASA/Firepower Unauthenticated File
Read (CVE-2020-3452), Win32/Generic.TrojanDownloader.Banload,
Win32/Dumador, and VARIOUS PHISH.



Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2030581 - ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read
(CVE-2020-3452) M1 (exploit.rules)
2030582 - ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read
(CVE-2020-3452) M2 (exploit.rules)
2030583 - ET SCAN ELF/Mirai Variant User-Agent (Inbound) (scan.rules)
2030584 - ET TROJAN ELF/Mirai Variant User-Agent (Outbound) (trojan.rules)
2030585 - ET EXPLOIT Cisco ASA/Firepower Unauthenticated File Read
 (CVE-2020-3452) M3 (exploit.rules)

Pro:

2843646 - ETPRO CURRENT_EVENTS Successful Orange Phish 2020-07-23
(current_events.rules)
2843647 - ETPRO CURRENT_EVENTS Successful Xfinity Phish 2020-07-23
(current_events.rules)
2843648 - ETPRO CURRENT_EVENTS Successful Xfinity Phish 2020-07-23
(current_events.rules)
2843649 - ETPRO CURRENT_EVENTS Successful Outlook Web App Update Phish
2020-07-23 (current_events.rules)
2843650 - ETPRO CURRENT_EVENTS Successful CRA Tax Refund Phish 2020-07-23
(current_events.rules)
2843651 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-07-23 1) (trojan.rules)
2843652 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-07-23 2) (trojan.rules)
2843653 - ETPRO TROJAN Win32/Dumador Variant CnC Activity (trojan.rules)
2843654 - ETPRO TROJAN Observed SocGholish Domain in TLS SNI (trojan.rules)
2843655 - ETPRO TROJAN Win32/Remcos RAT Checkin 501 (trojan.rules)
2843656 - ETPRO TROJAN Win32/Generic.TrojanDownloader.Banload (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20200723/231a2b38/attachment.html>


More information about the Emerging-updates mailing list