Daily Ruleset Update Summary 2018/02/20

[***]            Summary:            [***]

3 new Open, 27 new Pro (3 + 24). Win32/FileTour Variant, MSIL/CTUA.Miner, Coldroot RAT, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2025371 - ET CURRENT_EVENTS Smartermail Phishing Landing 2018-02-20 (current_events.rules)
2025372 - ET CURRENT_EVENTS USAA Phishing Landing 2018-02-20 (current_events.rules)
2025373 - ET CURRENT_EVENTS Yahoo Phishing Landing 2018-02-20 (current_events.rules)

Pro:

2829218 - ETPRO MALWARE Win32/FileTour Variant CnC Checkin (malware.rules)
2829724 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
2829725 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
2829726 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2018-02-20 (current_events.rules)
2829727 - ETPRO MALWARE MSIL/Adware.Temonde Activity (malware.rules)
2829728 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-02-20 (current_events.rules)
2829729 - ETPRO CURRENT_EVENTS Successful Commonwealth Bank Phish 2018-02-20 (current_events.rules)
2829730 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2018-02-20 (current_events.rules)
2829731 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-02-20 (current_events.rules)
2829732 - ETPRO TROJAN Shifr/Shurl0cker Ransomware CnC DNS Lookup (trojan.rules)
2829733 - ETPRO TROJAN MSIL/CTUA.Miner Retrieving Config (trojan.rules)
2829734 - ETPRO MALWARE Win32/FileTour Variant CnC Checkin (malware.rules)
2829735 - ETPRO TROJAN Malicious PS/CoinMiner Domain Observed (mariadeabreu .cf in DNS Lookup) (trojan.rules)
2829736 - ETPRO TROJAN Malicious PS/CoinMiner Domain Observed (mariadeabreu .cf in TLS SNI) (trojan.rules)
2829737 - ETPRO TROJAN MSIL/CrabbMiner CnC Activity (trojan.rules)
2829738 - ETPRO MOBILE_MALWARE Android/Coinminer.V Checkin (mobile_malware.rules)
2829739 - ETPRO TROJAN Coldroot RAT CnC Checkin (trojan.rules)
2829740 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 1) (trojan.rules)
2829741 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 2) (trojan.rules)
2829742 - ETPRO MOBILE_MALWARE Android Rootnik-AI Checkin (mobile_malware.rules)
2829743 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 3) (trojan.rules)
2829744 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 4) (trojan.rules)
2829745 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 5) (trojan.rules)
2829746 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-20 6) (trojan.rules)

[///]     Modified active rules:     [///]

[---]         Removed rules:         [---]

2829218 - ETPRO TROJAN Win32/FileTour Variant CnC Checkin (trojan.rules)

Date: 
Tuesday, February 20, 2018 - 00:00