[***]            Summary:            [***]

1 new Open, 25 new Pro (1 + 24). MuddyWater APT POWERSTAT CnC, KovCoreG SocEng, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025368 - ET CURRENT_EVENTS Successful Generic Multi-Account Phish 2018-02-16 (current_events.rules)

Pro:

2829687 - ETPRO CURRENT_EVENTS Successful IRS Phish 2018-02-16 (current_events.rules)
2829688 - ETPRO TROJAN Kovter Malicious SSL Certificate Detected (trojan.rules)
2829689 - ETPRO MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 15 (mobile_malware.rules) 
2829690 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 286 (mobile_malware.rules)
2829691 - ETPRO TROJAN MuddyWater APT POWERSTAT CnC M3 (trojan.rules)
2829692 - ETPRO TROJAN MuddyWater APT POWERSTAT CnC M4 (trojan.rules)
2829693 - ETPRO TROJAN KovCoreG SocEng DNS Lookup (trojan.rules)
2829694 - ETPRO TROJAN KovCoreG SocEng Domain in SNI (trojan.rules)
2829695 - ETPRO TROJAN KovCoreG SocEng Malicious SSL Certificate Detected (trojan.rules)
2829696 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-02-16 (current_events.rules)
2829697 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-02-16 (current_events.rules)
2829698 - ETPRO CURRENT_EVENTS Successful Verified by Visa Phish 2018-02-16 (current_events.rules)
2829699 - ETPRO CURRENT_EVENTS Successful Unicred Mobile Phish 2018-02-16 (current_events.rules)
2829700 - ETPRO CURRENT_EVENTS Successful Dropbox Phish 2018-02-16 (current_events.rules)
2829701 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2018-02-16 (current_events.rules)
2829702 - ETPRO CURRENT_EVENTS Successful Swisscom Phish 2018-02-16 (current_events.rules)
2829703 - ETPRO CURRENT_EVENTS Successful BNP Paribas Phish 2018-02-16 (current_events.rules)
2829704 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2018-02-16 (current_events.rules)
2829705 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-16 1) (trojan.rules)
2829706 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-16 2) (trojan.rules)
2829707 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-16 3) (trojan.rules)
2829708 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-16 4) (trojan.rules)
2829709 - ETPRO MALWARE MSIL/Linkury Toolbar Style External IP Check (malware.rules)
2829710 - ETPRO MALWARE MSIL/Linkury Toolbar Activity (malware.rules)

[+++]  Enabled and modified rules:   [+++]

2828913 - ETPRO TROJAN WIN32/KOVTER.B Checkin 2 M3 (trojan.rules)

[///]     Modified active rules:     [///]

2821031 - ETPRO CURRENT_EVENTS Successful Craigslist Phish Jul 11 2016 (current_events.rules)
2824923 - ETPRO CURRENT_EVENTS Apple Phishing Landing M1 Feb 13 2017 (current_events.rules)
2825163 - ETPRO CURRENT_EVENTS Successful Generic Phish (Redirect to Download PDF) Feb 28 2017 (current_events.rules)
2829671 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-02-14 (current_events.rules)

[---]  Disabled and modified rules:  [---]

2801334 - ETPRO WEB_CLIENT Adobe PDF Memory Corruption /Ff Dictionary Key Corruption (web_client.rules)

Date: 
Friday, February 16, 2018 - 00:00