[***] Summary: [***]
6 new Open, 24 new Pro (6 + 18). Apache CouchDB RCE, Various Phish, Various Mobile.
Thanks: @eSentire
[+++] Added rules: [+++]
Open:
2025624 - ET CURRENT_EVENTS [eSentire] Wells Fargo Phishing Landing 2018-06-20 (current_events.rules)
2025625 - ET CURRENT_EVENTS [eSentire] OneDrive Phishing Landing 2018-06-15 (current_events.rules)
2025626 - ET TROJAN [eSentire] VBS Retrieving Malicious Payload (trojan.rules)
2025627 - ET INFO [eSentire] Possible Kali Linux Updates (info.rules)
2025628 - ET CURRENT_EVENTS [eSentire] Successful Generic Phish 2018-06-15 (current_events.rules)
2025629 - ET CURRENT_EVENTS [eSentire] Successful Personalized Phish 2018-06-15 (current_events.rules)
Pro:
2831404 - ETPRO TROJAN Win32/TechSupportScam Base64 Scam Message Inbound (trojan.rules)
2831406 - ETPRO EXPLOIT Ecessa WANWorx WVR-30 Cross-Site Request Forgery (exploit.rules)
2831407 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.BL Checkin (mobile_malware.rules)
2831408 - ETPRO WEB_SPECIFIC_APPS WordPress Plugin iThemes Security SQL Injection (web_specific_apps.rules)
2831409 - ETPRO MOBILE_MALWARE Android.SmsPay.H Checkin (mobile_malware.rules)
2831410 - ETPRO EXPLOIT Intex Router N-150 Cross-Site Request Forgery (exploit.rules)
2831411 - ETPRO MOBILE_MALWARE Android/Generic.Z.8BC5CF!tr Checkin (mobile_malware.rules)
2831412 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 371 (mobile_malware.rules)
2831413 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.LH Contact Exfil (mobile_malware.rules)
2831414 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.LH CnC Beacon (mobile_malware.rules)
2831415 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.LH CnC Beacon 2 (mobile_malware.rules)
2831416 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.LH CnC Beacon 3 (mobile_malware.rules)
2831417 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.LH CnC Beacon 4 (mobile_malware.rules)
2831418 - ETPRO WEB_SPECIFIC_APPS Apache CouchDB Remote Code Execution 1 (web_specific_apps.rules)
2831419 - ETPRO WEB_SPECIFIC_APPS Apache CouchDB Remote Code Execution 2 (web_specific_apps.rules)
2831420 - ETPRO WEB_SPECIFIC_APPS Apache CouchDB Remote Code Execution 3 (web_specific_apps.rules)
2831421 - ETPRO WEB_SPECIFIC_APPS Apache CouchDB Remote Code Execution 4 (web_specific_apps.rules)
2831422 - ETPRO EXPLOIT AsusWRT RT-AC750GF Cross-Site Request Forgery (exploit.rules)
[///] Modified active rules: [///]
2025476 - ET CURRENT_EVENTS [eSentire] Docusign Phishing Landing 2018-04-09 (current_events.rules)
2831382 - ETPRO TROJAN Win32/Kutaki CnC Checkin (trojan.rules)