Daily Ruleset Update Summary 2017/11/09

[***] Summary: [***]

19 new Pro signatures.  CoinMiners, Zeus Panda, VARIOUS PHISHING.

[+++]          Added rules:          [+++]

2828582 - ETPRO TROJAN Fake Ransomware CnC Checkin (trojan.rules)
2828583 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 244 (mobile_malware.rules)
2828584 - ETPRO TROJAN Observed Malicious Zeus Panda Domain in SNI (henfobuthis .com) (trojan.rules)
2828585 - ETPRO TROJAN Observed Malicious SSL Cert (Zeus Panda CnC) (trojan.rules)
2828586 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish Nov 09 2017 (set) (current_events.rules)
2828587 - ETPRO TROJAN PowerShell Empire SSL Cert (trojan.rules)
2828588 - ETPRO CURRENT_EVENTS Successful Rediff.com Phish Nov 09 2017 (current_events.rules)
2828589 - ETPRO CURRENT_EVENTS Successful ABN-AMRO Bank Phish M1 Nov 09 2017 (current_events.rules)
2828590 - ETPRO CURRENT_EVENTS Successful ABN-AMRO Bank Phish M2 Nov 09 2017 (current_events.rules)
2828591 - ETPRO CURRENT_EVENTS Successful 163.com Phish Nov 09 2017 (current_events.rules)
2828592 - ETPRO CURRENT_EVENTS Successful HM Revenue & Customs Phish Nov 09 2017 (current_events.rules)
2828593 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 1) (trojan.rules)
2828594 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 2) (trojan.rules)
2828595 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 3) (trojan.rules)
2828596 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 4) (trojan.rules)
2828597 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 5) (trojan.rules)
2828598 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 6) (trojan.rules)
2828599 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 7) (trojan.rules)
2828600 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-11-09 8) (trojan.rules)

[///]     Modified active rules:     [///]

2009897 - ET MALWARE Possible Windows executable sent when remote host claims to send html content (malware.rules)
2021111 - ET TROJAN DDoS.Win32/Nitol.B Checkin (trojan.rules)
2812100 - ETPRO TROJAN Win32/TrojanDownloader.Banload.TXV Receiving compressed PE set (ZIP) (trojan.rules)
2822901 - ETPRO CURRENT_EVENTS Successful Generic Phish - Observed in Apple/Bank of America/Amazon Oct 26 2016 (current_events.rules)
2823672 - ETPRO TROJAN LatentBot HTTP POST CnC (trojan.rules)
2828543 - ETPRO TROJAN APT28 Uploader DNS Lookup (trojan.rules)

Date: Thursday, November 9, 2017 - 00:00