Daily Ruleset Update Summary 2018/01/08

[***]            Summary:            [***]

21 new Pro. Win32/Agent.IKYV, Win32/FileTour Variant, CVE-2017-6736, Various Phishing.

[+++]          Added rules:          [+++]

Pro:

 2829194 - ETPRO TROJAN Win32/Agent.IKYV CnC Checkin (trojan.rules)
 2829195 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2018-01-08 (current_events.rules)
 2829196 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-01-08 (current_events.rules)
 2829197 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-01-08 (current_events.rules)
 2829198 - ETPRO TROJAN MSIL/Zbrain PUP/Stealer Checkin (trojan.rules)
 2829199 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2018-01-08 (current_events.rules)
 2829200 - ETPRO CURRENT_EVENTS Possible Successful Cyberplus (FR) Phish M1 2018-01-08 (current_events.rules)
 2829201 - ETPRO CURRENT_EVENTS Successful Cyberplus (FR) Phish M2 2018-01-08 (current_events.rules)
 2829202 - ETPRO TROJAN MSIL/Zbrain PUP/Stealer Installer UA (trojan.rules)
 2829203 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 1) (trojan.rules)
 2829204 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 2) (trojan.rules)
 2829205 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 3) (trojan.rules)
 2829206 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 4) (trojan.rules)
 2829207 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 5) (trojan.rules)
 2829208 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 6) (trojan.rules)
 2829209 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 7) (trojan.rules)
 2829210 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 8) (trojan.rules)
 2829211 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 9) (trojan.rules)
 2829212 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-01-08 10) (trojan.rules)
 2829218 - ETPRO TROJAN Win32/FileTour Variant CnC Checkin (trojan.rules)
 2829219 - ETPRO EXPLOIT Possible CVE-2017-6736 Malformed Vulnerable OID Inbound (exploit.rules)

[///]     Modified active rules:     [///]

 2019313 - ET TROJAN Sourtoff Receiving Simda Payload (trojan.rules)
 2826391 - ETPRO TROJAN Zloader HTTP Checkin (trojan.rules)

[---]         Removed rules:         [---]

 2015905 - ET CURRENT_EVENTS WSO - WebShell Activity - WSO Title (current_events.rules)
 2015906 - ET CURRENT_EVENTS WSO - WebShell Activity - POST structure (current_events.rules)

Date: Monday, January 8, 2018 - 00:00