Daily Ruleset Update Summary 2017/03/01

[***] Summary: [***]

1 new Open signature, 26 new Pro (1 + 25). Carbanak, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2024029 - ET INFO Suspicious VNC Remote Admin Request (info.rules)

Pro:

2815247 - ETPRO CURRENT_EVENTS Successful Excel Online Phish Dec 8 (current_events.rules)
2825163 - ETPRO CURRENT_EVENTS Successful Generic Phish (Redirect to Download PDF) Feb 28 2017 (current_events.rules)
2825164 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Dowgin.d CnC Beacon 2 (mobile_malware.rules)
2825165 - ETPRO MOBILE_MALWARE PUA Android/KyView.E Checkin (mobile_malware.rules)
2825166 - ETPRO CURRENT_EVENTS Docusign Phishing Landing Mar 1 2017 (current_events.rules)
2825167 - ETPRO CURRENT_EVENTS Successful DHL Phish Mar 1 2017 (current_events.rules)
2825168 - ETPRO CURRENT_EVENTS Successful OWA Phish Mar 1 2017 (current_events.rules)
2825169 - ETPRO CURRENT_EVENTS Successful Fidelity Phish Mar 1 2017 (current_events.rules)
2825170 - ETPRO MOBILE_MALWARE Android/DocaP.B Checkin (mobile_malware.rules)
2825171 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A CnC Beacon (mobile_malware.rules)
2825172 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A CnC Beacon 2 (mobile_malware.rules)
2825173 - ETPRO MOBILE_MALWARE Android.Trojan.Rootnik.FH Checkin (mobile_malware.rules)
2825174 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Feb 28 2017 (current_events.rules)
2825175 - ETPRO CURRENT_EVENTS Successful DHL Phish Feb 28 2017 (current_events.rules)
2825176 - ETPRO CURRENT_EVENTS Successful Generic Email Account Update Phish Feb 28 2017 (current_events.rules)
2825177 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 1 M1 (trojan.rules)
2825178 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 1 M2 (trojan.rules)
2825179 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 2 (trojan.rules)
2825180 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Iop.d CnC Beacon (mobile_malware.rules)
2825181 - ETPRO MALWARE Win32/FlyStudio Ad Update (malware.rules)
2825182 - ETPRO CURRENT_EVENTS Successful Bradesco Bank Phish Mar 01 2017 (current_events.rules)
2825183 - ETPRO CURRENT_EVENTS Successful Natwest Bank Phish M1 Mar 01 2017 (current_events.rules)
2825184 - ETPRO CURRENT_EVENTS Successful Natwest Bank Phish M2 Mar 01 2017 (current_events.rules)
2825185 - ETPRO CURRENT_EVENTS Successful My ADP Phish Mar 01 2017 (current_events.rules)
2825186 - ETPRO CURRENT_EVENTS Successful Singtel Phish Mar 01 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2007994 - ET MALWARE Suspicious User-Agent (1 space) (malware.rules)
2011341 - ET TROJAN Suspicious POST With Reference to WINDOWS Folder Possible Malware Infection (trojan.rules)
2807017 - ETPRO TROJAN  Backdoor.Win32.GF.13x.A Checkin (trojan.rules)
2809560 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A Checkin 2 (mobile_malware.rules)
2815310 - ETPRO CURRENT_EVENTS  Successful Dropbox Phish Dec 10 M1 (current_events.rules)
2822498 - ETPRO CURRENT_EVENTS Successful Chase Phish Oct 07 2016 (current_events.rules)

[---]         Removed rules:         [---]

2821586 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Inoco.f Checkin (mobile_malware.rules)
 

Date: 
Wednesday, March 1, 2017 - 00:00