Daily Ruleset Update Summary 2017/08/09

[***] Summary: [***]

2 new Open signatures, 15 new Pro (2 + 13). OSX/Mughthesec/SafeFinder/OperatorMac, VARIOUS (ANDROID|PHISHING).

[+++]          Added rules:          [+++]

Open:

2024529 - ET TROJAN OSX/Mughthesec/SafeFinder/OperatorMac DNS Query Observed (trojan.rules)
2024530 - ET TROJAN OSX/Mughthesec/SafeFinder/OperatorMac Rogue Search Engine DNS Query Observed (trojan.rules)

Pro:

2827462 - ETPRO TROJAN Win32.Agent.bjswlh CnC Beacon (trojan.rules)
2827463 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz SMS/Contact Exfil via SMTP 10 (mobile_malware.rules)
2827464 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL) (current_events.rules)
2827465 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP 8 (mobile_malware.rules)
2827466 - ETPRO CURRENT_EVENTS Observed Malicious Malvertising SSL Cert 2018-08-09 (Storfin Redirect to EK) (current_events.rules)
2827467 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.san Reporting via SMTP 2 (mobile_malware.rules)
2827468 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.es SMS/Contact Exfil via SMTP (mobile_malware.rules)
2827469 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.es SMS/Contact Exfil via SMTP 2 (mobile_malware.rules)
2827470 - ETPRO CURRENT_EVENTS Successful Amazon (DE) Phish Aug 09 2017 (current_events.rules)
2827471 - ETPRO CURRENT_EVENTS Successful Nedbank Phish Aug 09 2017 (current_events.rules)
2827472 - ETPRO CURRENT_EVENTS Successful ICICI Bank Phish M1 Aug 09 2017 (current_events.rules)
2827473 - ETPRO CURRENT_EVENTS Successful ICICI Bank Phish M2 Aug 09 2017 (current_events.rules)
2827474 - ETPRO CURRENT_EVENTS Successful Office 365 Phish Aug 09 2017 (current_events.rules)

[///]     Modified active rules:     [///]

2826233 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules)
2826236 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey Contact Exfil via SMTP (mobile_malware.rules)
2826695 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 4 (mobile_malware.rules)

Date: 
Wednesday, August 9, 2017 - 00:00