[***]            Summary:            [***]

2 new Open, 24 new Pro (2 + 22). ProjectHook, Various Phish, W32.Induc Stealer.

[+++]          Added rules:          [+++]

Open:

2025596 - ET TROJAN BackSwap Trojan C2 Domain Observed (debasuin .nl in DNS Lookup) (trojan.rules)
2025597 - ET TROJAN BackSwap Trojan C2 Domain Observed (debasuin .nl in TLS SNI) (trojan.rules)

Pro:

2831345 - ETPRO TROJAN Win32/TrojanDropper.Delf.OEF CnC Checkin (trojan.rules)
2831346 - ETPRO TROJAN MSIL/PSW.Agent.QTT Exfiltrating Passwords and Cookies (trojan.rules)
2831347 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Malicious PSDL 2018-06-20) (current_events.rules)
2831348 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Malicious PSDL 2018-06-20 2) (current_events.rules)
2831349 - ETPRO CURRENT_EVENTS Redirect for Interac Phishing 2018-06-19 (current_events.rules)
2831350 - ETPRO CURRENT_EVENTS Successful Amex Phish 2018-06-20 (current_events.rules)
2831351 - ETPRO CURRENT_EVENTS Successful Alibaba Phish 2018-06-20 (current_events.rules)
2831352 - ETPRO CURRENT_EVENTS Successful Microsoft Azure Phish 2018-06-20 (current_events.rules)
2831353 - ETPRO CURRENT_EVENTS Successful Generic Phish - Observed in Chase Phishing 2018-06-20 (current_events.rules)
2831354 - ETPRO CURRENT_EVENTS Successful Personalized Linkedin Phish 2018-06-20 (current_events.rules)
2831355 - ETPRO TROJAN W32.Induc Stealer Sending PW via SMTP (trojan.rules)
2831356 - ETPRO CURRENT_EVENTS Successful Google Login Phish 2018-06-20 (current_events.rules)
2831357 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Malicious PSDL 2018-06-20 3) (current_events.rules)
2831358 - ETPRO TROJAN Observed Malicious SSL Cert (Telegram Bot IP Check) (trojan.rules)
2831359 - ETPRO TROJAN ProjectHook POS CnC Keep-Alive (trojan.rules)
2831360 - ETPRO TROJAN Win32/Pterodo.CL Checkin (trojan.rules)
2831361 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 1) (trojan.rules)
2831362 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 2) (trojan.rules)
2831363 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 3) (trojan.rules)
2831364 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 4) (trojan.rules)
2831365 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 5) (trojan.rules)
2831366 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-06-20 6) (trojan.rules)

[///]     Modified active rules:     [///]

2815142 - ETPRO TROJAN Bergard Checkin 1 (trojan.rules)

Date: 
Tuesday, June 19, 2018 - 22:00