Daily Ruleset Update Summary 2018/05/18

Daily Ruleset Update Summary

[***] Summary: [***]

1 new Open, 13 new Pro (1 + 12). Win32/Vibem.C, Loda Logger, Various Phishing.

Thanks: Duane Howard

[+++] Added rules: [+++]

Open:

2025581 - ET TROJAN Win32/Vibem.C CnC Activity (trojan.rules)

Pro:

2830912 - ETPRO TROJAN Loda Logger CnC Beacon Response M2 (trojan.rules)
2830913 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-05-17 (current_events.rules)
2830914 - ETPRO CURRENT_EVENTS Malicious Redirect Leading to SocEng May 18 2018 (current_events.rules)
2830915 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 1) (trojan.rules)
2830916 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 2) (trojan.rules)
2830917 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 3) (trojan.rules)
2830918 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 4) (trojan.rules)
2830919 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 5) (trojan.rules)
2830920 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 6) (trojan.rules)
2830921 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 7) (trojan.rules)
2830922 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 8) (trojan.rules)
2830923 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-05-18 9) (trojan.rules)

[///] Modified active rules: [///]

2021013 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex/Trickbot CnC) (trojan.rules)
2021336 - ET TROJAN DDoS.XOR Checkin via HTTP (trojan.rules)

[---] Removed rules: [---]

2814500 - ETPRO TROJAN DDoS.XOR User Agent (trojan.rules)

Date:

Thursday, May 17, 2018

Summary title:

1 new Open, 13 new Pro (1 + 12). Win32/Vibem.C, Loda Logger, Various Phishing.