Daily Ruleset Update Summary 2017/06/02

[***]            Summary:            [***]

5 new Open, 24 new Pro (5 + 19). Terror EK, ROKRAT, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2024343 - ET CURRENT_EVENTS Terror EK Landing URI T1 Jun 02 2017 (current_events.rules)
2024344 - ET CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017 (current_events.rules)
2024345 - ET CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017 M2 (current_events.rules)
2024346 - ET CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M1 (current_events.rules)
2024347 - ET CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M2 (current_events.rules)

Pro:

2826508 - ETPRO MALWARE Win32.EoRezo.AB Checkin (malware.rules)
2826593 - ETPRO TROJAN Possible Chthonic DNS Lookup (trojan.rules)
2826594 - ETPRO TROJAN Unknown Keylogger Checkin (trojan.rules)
2826595 - ETPRO TROJAN JS_NETREPSER.A Checkin (trojan.rules)
2826596 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 137 (mobile_malware.rules)
2826597 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.cs CnC Beacon (mobile_malware.rules)
2826598 - ETPRO TROJAN ROKRAT Checkin (trojan.rules)
2826599 - ETPRO TROJAN ROKRAT Checkin 2 (trojan.rules)
2826600 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar SMS Exfil via SMTP 2 (mobile_malware.rules)
2826601 - ETPRO CURRENT_EVENTS Successful American Express Phish Jun 02 2017 (current_events.rules)
2826602 - ETPRO CURRENT_EVENTS Successful Poloniex Cryptocurrency Exchange Phish Jun 02 2017 (current_events.rules)
2826603 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lg Reporting via SMTP (mobile_malware.rules)
2826604 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lg Reporting via SMTP 2 (mobile_malware.rules)
2826605 - ETPRO CURRENT_EVENTS Successful Caixa Phish Jun 02 2017 (current_events.rules)
2826606 - ETPRO CURRENT_EVENTS Successful Banque Populaire Phish Jun 02 2017 (current_events.rules)
2826607 - ETPRO CURRENT_EVENTS Successful Western Union Phish M1 Jun 02 2017 (current_events.rules)
2826608 - ETPRO CURRENT_EVENTS Successful Western Union Phish M2 Jun 02 2017 (current_events.rules)
2826609 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP 2 (mobile_malware.rules)
2826610 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP 3 (mobile_malware.rules)

[+++]         Enabled rules:         [+++]

2809527 - ETPRO TROJAN Infostealer.Gamania Checkin (trojan.rules)


[///]     Modified active rules:     [///]

2017584 - ET TROJAN Chthonic Checkin (trojan.rules)
2024342 - ET WEB_SPECIFIC_APPS Joomla 3.7.0 - Sql Injection (CVE-2017-8917) (web_specific_apps.rules)
2826233 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules)

[---]         Removed rules:         [---]

2826508 - ETPRO TROJAN Win32.EoRezo.AB Checkin (trojan.rules)
 

Date: 
Friday, June 2, 2017 - 00:00