Daily Ruleset Update Summary 2017/12/27

[***]            Summary:            [***]

15 new Pro. Suspicious Terse HTTP, Malicious SSL Certs, Various Phishing.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Pro:

2829074 - ETPRO POLICY Suspicious Terse HTTP Request to yourjavascript .com (policy.rules)
2829075 - ETPRO TROJAN Observed Malicious SSL Cert (URLZone CnC) (trojan.rules)
2829076 - ETPRO TROJAN Observed Malicious SSL Cert (Bateleur CnC) (trojan.rules)
2829077 - ETPRO CURRENT_EVENTS Successful International Card Services Phish 2017-12-27 (current_events.rules)
2829078 - ETPRO MALWARE Adware.Genius.B Version Check (malware.rules)
2829079 - ETPRO POLICY HTTP Request to iplogger .ru for External IP Address (policy.rules)
2829080 - ETPRO CURRENT_EVENTS Successful Apple Phish 2017-12-27 (current_events.rules)
2829081 - ETPRO CURRENT_EVENTS Apple Phishing Landing Javascript 2017-12-27 (current_events.rules)
2829082 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2017-12-27 (current_events.rules)
2829083 - ETPRO CURRENT_EVENTS Successful Generic UIV Phish 2017-12-27 (current_events.rules)
2829084 - ETPRO CURRENT_EVENTS Successful IRS Phish 2017-12-27 (current_events.rules)
2829093 - ETPRO CURRENT_EVENTS Generic Spam-Egy Phishing Landing 2017-12-27 (current_events.rules)
2829094 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2017-12-27 (current_events.rules)
2829095 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish (set) 2017-12-27 (current_events.rules)
2829096 - ETPRO CURRENT_EVENTS Possible Successful Generic Multi Step Phish 2017-12-27 (current_events.rules)

[///]     Modified active rules:     [///]

2829038 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (NDF5eWJUWEZnYk...) (trojan.rules)

[---]  Disabled and modified rules:  [---]

2822783 - ETPRO CURRENT_EVENTS Successful Facebook Phish Oct 20 2016 (current_events.rules)

Date: 
Wednesday, December 27, 2017 - 00:00