[Emerging-updates] Daily Ruleset Update Summary 2020/06/25

Jack Mott jmott at emergingthreats.net
Thu Jun 25 14:17:08 HDT 2020


[***]            Summary:            [***]

7 new OPEN, 18 new PRO (7 + 11). GoldenSpy, Rovnix, RHttpCtrl, BlackMoon,
Kwapi, VARIOUS PHISHING.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2030392 - ET POLICY Suspicious Terse Request for .pif (policy.rules)
  2030393 - ET TROJAN Unk.PowerShell Reporting System Information (trojan.rules)
  2030394 - ET TROJAN GoldenSpy CnC Activity (trojan.rules)
  2030395 - ET TROJAN Rovnix CnC Domain in DNS Query (trojan.rules)
  2030396 - ET TROJAN GoldenSpy CnC Activity (trojan.rules)
  2030397 - ET TROJAN RHttpCtrl Backdoor CnC (trojan.rules)
  2030398 - ET TROJAN RCtrl Backdoor CnC Checkin M2 (trojan.rules)

Pro:

  2843190 - ETPRO TROJAN BlackMoonRAT CnC Checkin (trojan.rules)
  2843191 - ETPRO TROJAN BlackMoonRAT CnC Keep-Alive (Outbound) (trojan.rules)
  2843192 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
  2843193 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2020-06-25 (current_events.rules)
  2843194 - ETPRO CURRENT_EVENTS Successful AOL Phish 2020-06-25 (current_events.rules)
  2843195 - ETPRO CURRENT_EVENTS Successful Societe Generale Phish 2020-06-25 (current_events.rules)
  2843196 - ETPRO CURRENT_EVENTS Successful TIM Phish 2020-06-25 (current_events.rules)
  2843197 - ETPRO TROJAN MSIL/Filecoder.AAJ Variant CnC Host Checkin (trojan.rules)
  2843198 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-06-25 1) (trojan.rules)
  2843199 - ETPRO TROJAN Win32/Kwapi CnC Checkin (trojan.rules)
  2843200 - ETPRO TROJAN Win32/Remcos RAT Checkin 469 (trojan.rules)

[///]     Modified active rules:     [///]

  2823676 - ETPRO TROJAN Win32 QuasarRAT 1.3/VenomRAT Connectivity Check (trojan.rules)