Daily Ruleset Update Summary 2018/02/09

[***]            Summary:            [***]

9 new Open, 19 new Pro (9 + 10). Shurl0ckr Ransomware, OilRig RGDoor, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025332 - ET TROJAN Shurl0ckr Ransomware CnC (kdvm5fd6tn6jsbwh .onion .to in DNS Lookup) (trojan.rules)
2025333 - ET CURRENT_EVENTS Successful Generic .EDU Phish (Legit Set) (current_events.rules)
2025334 - ET CURRENT_EVENTS ASB Bank Phishing Landing 2018-02-09 M1 (current_events.rules)
2025335 - ET CURRENT_EVENTS LinkedIn Phishing Landing 2018-02-09 M1 (current_events.rules)
2025336 - ET CURRENT_EVENTS ASB Bank Phishing Landing 2018-02-09 M2 (current_events.rules)
2025337 - ET CURRENT_EVENTS Wells Fargo Phishing Landing 2018-02-09 (current_events.rules)
2025338 - ET CURRENT_EVENTS LinkedIn Phishing Landing 2018-02-09 M2 (current_events.rules)
2025339 - ET CURRENT_EVENTS Facebook Phishing Landing 2018-02-09 (current_events.rules)
2025340 - ET CURRENT_EVENTS Mailbox Revalidation Phishing Landing 2018-02-09 (current_events.rules)

Pro:

2829617 - ETPRO EXPLOIT Adobe Flash Use After Free (CVE-2017-4877) (exploit.rules)
2829618 - ETPRO TROJAN Chthonic CnC Beacon 13 (trojan.rules)
2829619 - ETPRO TROJAN OilRig RGDoor Implant Communicating with CnC (trojan.rules)
2829620 - ETPRO TROJAN Chthonic CnC Beacon Generic M1 (trojan.rules)
2829621 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-09 1) (trojan.rules)
2829622 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-09 2) (trojan.rules)
2829623 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-09 3) (trojan.rules)
2829624 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-09 4) (trojan.rules)
2829625 - ETPRO TROJAN Chthonic CnC Beacon 14 (trojan.rules)
2829626 - ETPRO TROJAN NameCoin .bit DNS Sinkhole Response (trojan.rules)

[///]     Modified active rules:     [///]

2827572 - ETPRO CURRENT_EVENTS Successful Generic .EDU Phish Aug 17 2017 (current_events.rules)
2828734 - ETPRO TROJAN Powerstats C2 (trojan.rules)
2829308 - ETPRO TROJAN MSIL/Remcos Variant CnC Checkin (trojan.rules)
2829459 - ETPRO TROJAN Win32/Agent.ZGL Variant W32/UDPOS Checkin (trojan.rules)

Date: Friday, February 9, 2018 - 00:00