Daily Ruleset Update Summary 2018/05/10

[***]            Summary:            [***]

1 new Open, 25 new Pro (1 + 24). CVE-2016-3088, MSIL/Agent.SLZ, W32/StrawberryKR, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2025574 - ET WEB_SPECIFIC_APPS Apache ActiveMQ File Upload RCE (CVE-2016-3088) (web_specific_apps.rules)

Pro:

2830782 - ETPRO TROJAN MSIL/Agent.SLZ Sending Passwords to CnC (trojan.rules)
2830783 - ETPRO TROJAN MSIL/Agent.SLZ CnC Checkin (trojan.rules)
2830784 - ETPRO TROJAN MSIL/Agent.SLZ CnC Sending StealAll Command (trojan.rules)
2830785 - ETPRO TROJAN W32/StrawberryKR.Screenlocker CnC Checkin (trojan.rules)
2830786 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 9 (mobile_malware.rules)
2830787 - ETPRO CURRENT_EVENTS Successful Chase Phish 2018-05-10 (current_events.rules)
2830788 - ETPRO CURRENT_EVENTS Successful Adobe Protected File Phish 2018-05-10 (current_events.rules)
2830789 - ETPRO CURRENT_EVENTS Possible Chalbhai (Multibrand) Phishing Landing 2018-05-10 (current_events.rules)
2830790 - ETPRO CURRENT_EVENTS Successful Sharepoint Phish 2018-05-10 (current_events.rules)
2830791 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2018-05-10 (current_events.rules)
2830792 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2018-05-10 (current_events.rules)
2830793 - ETPRO CURRENT_EVENTS Successful QNB Finansbank Phish 2018-05-10 (current_events.rules)
2830794 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 1) (trojan.rules)
2830795 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 2) (trojan.rules)
2830796 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 3) (trojan.rules)
2830797 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 4) (trojan.rules)
2830798 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 5) (trojan.rules)
2830799 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 6) (trojan.rules)
2830800 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 7) (trojan.rules)
2830801 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 8) (trojan.rules)
2830802 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 9) (trojan.rules)
2830803 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 10) (trojan.rules)
2830804 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 11) (trojan.rules)
2830805 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-10 12) (trojan.rules)

[///]     Modified active rules:     [///]

2830194 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2018-03-29 (current_events.rules)
2830471 - ETPRO TROJAN W32/ExtenBro.EL Checkin (trojan.rules)
2830759 - ETPRO TROJAN URLZone C2 Domain (conishiret .com in TLS SNI) (trojan.rules)
2830764 - ETPRO TROJAN SSL/TLS Certificate Observed (Ursnif) (trojan.rules)

Date: 
Thursday, May 10, 2018 - 00:00