[***] Summary: [***]

1 new Open signature, 18 new Pro (1 + 17).  Paradise Ransomware, Drolock, VARIOUS PHISHING.

Thanks:  @attackdetection

[+++]          Added rules:          [+++]

Open:

2025631 - ET TROJAN [PTsecurity] Paradise Ransomware Check-in (trojan.rules)

Pro:

2831469 - ETPRO TROJAN Trojan.Agent.DAQC CnC Checkin (trojan.rules)
2831470 - ETPRO MOBILE_MALWARE Android/Hiddad.AD CnC Beacon (mobile_malware.rules)
2831471 - ETPRO MOBILE_MALWARE Android/SMSreg.AIP CnC Beacon (mobile_malware.rules)
2831472 - ETPRO EXPLOIT Cisco Adaptive Security Appliance - Path Traversal (exploit.rules)
2831473 - ETPRO EXPLOIT DynoRoot DHCP - Client Command Injection (exploit.rules)
2831474 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.WatchMyDroid.a CnC Beacon (mobile_malware.rules)
2831475 - ETPRO MOBILE_MALWARE Android.Riskware.Drolock.AH CnC Beacon (mobile_malware.rules)
2831476 - ETPRO MOBILE_MALWARE Android.Riskware.Drolock.AH CnC Beacon 2 (mobile_malware.rules)
2831477 - ETPRO TROJAN Win32/Unknown.Stealer CnC Checkin (trojan.rules)
2831478 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.Wapron.dkj CnC Beacon (mobile_malware.rules)
2831479 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.UM Checkin (mobile_malware.rules)
2831480 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-06-29 Domain (dkb-agbs .com in TLS SNI) (current_events.rules)
2831481 - ETPRO TROJAN MalDoc Requesting Obfuscated Payload 2018-06-29 (trojan.rules)
2831482 - ETPRO CURRENT_EVENTS Successful ING Direct Phish M1 2018-06-29 (current_events.rules)
2831483 - ETPRO CURRENT_EVENTS Successful ING Direct Phish M2 2018-06-29 (current_events.rules)
2831484 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2018-06-29 (current_events.rules)
2831485 - ETPRO EXPLOIT CloudMe Sync Buffer Overflow (exploit.rules)

[///]     Modified active rules:     [///]

2810600 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Honli.a Checkin (mobile_malware.rules)

Date: 
Thursday, June 28, 2018 - 22:00