Daily Ruleset Update Summary 2017/07/07

[***]            Summary:            [***]

6 new Open, 28 new Pro (6 + 22). Possible CVE-2017-0199, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2024444 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M2 Jul 07 2017 (current_events.rules)
2024445 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M1 Jul 07 2017 (current_events.rules)
2024446 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M3 Jul 07 2017 (current_events.rules)
2024447 - ET CURRENT_EVENTS Apple Tech Support Phone Scam Jul 07 2017 (current_events.rules)
2024448 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M4 Jul 07 2017 (current_events.rules)
2024449 - ET CURRENT_EVENTS SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl (current_events.rules)

Pro:

2827036 - ETPRO TROJAN Unknown Powershell CnC Heartbeat (trojan.rules)
2827037 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 1) (trojan.rules)
2827038 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 2) (trojan.rules)
2827039 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 3) (trojan.rules)
2827040 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 4) (trojan.rules)
2827041 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 5) (trojan.rules)
2827042 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 6) (trojan.rules)
2827043 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 7) (trojan.rules)
2827044 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 8) (trojan.rules)
2827045 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (VGhhbmUuMjpvcGVyYXRpb24xMQ==) (trojan.rules)
2827046 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 170 (mobile_malware.rules)
2827047 - ETPRO MOBILE_MALWARE Android/Spy.Agent.ADB CnC Beacon (mobile_malware.rules)
2827048 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M1 Jul 07 2017 (current_events.rules)
2827049 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M2 Jul 07 2017 (current_events.rules)
2827050 - ETPRO CURRENT_EVENTS Successful Outlook Phish Jul 07 2017 (current_events.rules)
2827051 - ETPRO CURRENT_EVENTS Successful DHL Phish Jul 07 2017 (current_events.rules)
2827053 - ETPRO CURRENT_EVENTS Successful Expedia Partner Central Phish Jul 07 2017 (current_events.rules)
2827054 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.san SMS Exfil via SMTP (mobile_malware.rules)
2827055 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.san Reporting via SMTP (mobile_malware.rules)
2827056 - ETPRO CURRENT_EVENTS Successful Linkedin Phish Jul 07 2017 (current_events.rules)
2827057 - ETPRO CURRENT_EVENTS Successful Google Drive Shared Document Phish Jul 07 2017 (current_events.rules)
2827058 - ETPRO CURRENT_EVENTS Successful Email Shutdown Phish Jul 07 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2824348 - ETPRO CURRENT_EVENTS Successful Bank of America Phish Jan 10 2017 (current_events.rules)
2826431 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay SMS Exfil 3 (mobile_malware.rules)
2827008 - ETPRO TROJAN MSIL/TeleBot.Backdoor Beacon To CnC (trojan.rules)

Date: Friday, July 7, 2017 - 00:00