[***]            Summary:            [***]

1 new Open, 20 new Pro (1 + 19). W32/Vemply.A, Shrug Ransomware, Various Exploit, Phish.

[+++]          Added rules:          [+++]

Open:

2025695 - ET SHELLCODE Execve(/bin/sh) Shellcode (shellcode.rules)

Pro:

2831753 - ETPRO TROJAN W32.WooDconn.KR Checkin (trojan.rules)
2831754 - ETPRO TROJAN W32/Vemply.A Checkin via MySQL (trojan.rules)
2831755 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 1) (trojan.rules)
2831756 - ETPRO EXPLOIT Adobe Coldfusion BlazeDS Java Object Deserialization Remote Code Execution (exploit.rules)
2831757 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 2) (trojan.rules)
2831758 - ETPRO CURRENT_EVENTS Successful Paypal Credit Card Phish 2018-07-13 (current_events.rules)
2831759 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2018-07-13 (current_events.rules)
2831760 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 3) (trojan.rules)
2831761 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 4) (trojan.rules)
2831762 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 5) (trojan.rules)
2831763 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-12 6) (trojan.rules)
2831764 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-07-13 (current_events.rules)
2831765 - ETPRO CURRENT_EVENTS Successful Amazon Phish 2018-07-13 (current_events.rules)
2831766 - ETPRO EXPLOIT Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution Unix (exploit.rules)
2831767 - ETPRO EXPLOIT Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution Windows (exploit.rules)
2831768 - ETPRO TROJAN Win32.Banker.Banbra.ss Checkin (trojan.rules)
2831769 - ETPRO TROJAN Possible Shrug Ransomware Checkin (trojan.rules)
2831770 - ETPRO USER_AGENTS Suspicious UA (IP Retriever) (user_agents.rules)
2831771 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-07-13) (current_events.rules)

[///]     Modified active rules:     [///]

2831402 - ETPRO TROJAN MSIL/Predator Stealer CnC Checkin/Exfil (trojan.rules)

[---]         Removed rules:         [---]

2811900 - ETPRO CURRENT_EVENTS Google Drive Phishing Landing Jul 10 2015 (current_events.rules)
2812158 - ETPRO CURRENT_EVENTS Google Drive Phishing Landing Jul 24 2015 (current_events.rules)
2812351 - ETPRO CURRENT_EVENTS Generic Credential Phishing Landing Aug 11 2015 (current_events.rules)
2812511 - ETPRO CURRENT_EVENTS Bank of America Phishing Landing Aug 19 2015 (current_events.rules)
2813009 - ETPRO CURRENT_EVENTS DHL Phish Landing Sept 14 2015 (current_events.rules)
2814526 - ETPRO CURRENT_EVENTS Chase Account Phish Landing Oct 22 (current_events.rules)
2814527 - ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing (current_events.rules)
2814780 - ETPRO CURRENT_EVENTS Google Drive Phishing Landing Nov 6 2015 M1 (current_events.rules)
2814781 - ETPRO CURRENT_EVENTS Google Drive Phishing Landing Nov 6 2015 M2 (current_events.rules)
2815112 - ETPRO CURRENT_EVENTS Excel/Adobe Online Phishing Landing Nov 25 2015 (current_events.rules)
2815145 - ETPRO CURRENT_EVENTS Possible Chase Phishing Landing - Title over non SSL (current_events.rules)
2815494 - ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing M1 Dec 28 2015 (current_events.rules)
2815660 - ETPRO CURRENT_EVENTS Suspicious Wordpress Redirect - Possible Phishing Landing Jan 7 2016 (current_events.rules)
2816313 - ETPRO CURRENT_EVENTS Chalbhai Phishing Landing Feb 18 2016 (current_events.rules)
2820239 - ETPRO CURRENT_EVENTS Mailbox Update Phishing Landing M1 May 16 (current_events.rules)
2820240 - ETPRO CURRENT_EVENTS Mailbox Update Phishing Landing M2 May 16 (current_events.rules)
2821394 - ETPRO CURRENT_EVENTS Wells Fargo Mobile Phishing Landing Aug 1 (current_events.rules)
2821824 - ETPRO CURRENT_EVENTS Possible Office 365 Phishing Landing Aug 24 2016 (current_events.rules)
2821881 - ETPRO INFO Suspicious Dropbox Page - Possible Phishing Landing (info.rules)
2821883 - ETPRO INFO Suspicious Google Docs Page - Possible Phishing Landing (info.rules)
2821956 - ETPRO CURRENT_EVENTS Google Drive Phish Landing Sept 1 2016 (current_events.rules)
2823305 - ETPRO CURRENT_EVENTS Shared Document Phishing Landing Nov 16 2016 (current_events.rules)
2823312 - ETPRO CURRENT_EVENTS Email Settings Error Phishing Landing Nov 16 2016 (current_events.rules)
2823739 - ETPRO CURRENT_EVENTS Stripe Phishing Landing Dec 09 2016 (current_events.rules)
2824923 - ETPRO CURRENT_EVENTS Apple Phishing Landing M1 Feb 13 2017 (current_events.rules)
2824924 - ETPRO CURRENT_EVENTS Apple Phishing Landing M2 Feb 13 2017 (current_events.rules)
2824969 - ETPRO CURRENT_EVENTS Microsoft Live External Link Phishing Landing M2 Feb 14 2017 (current_events.rules)
2825054 - ETPRO CURRENT_EVENTS Dropbox Shared Document Phishing Landing Feb 21 2017 (current_events.rules)
2825149 - ETPRO CURRENT_EVENTS Dropbox Phishing Landing Feb 27 2017 (current_events.rules)
2825307 - ETPRO CURRENT_EVENTS Docusign Phishing Landing Mar 08 2017 (current_events.rules)
2825445 - ETPRO CURRENT_EVENTS INTERAC Payment Multibank Phishing Landing Mar 14 2017 (current_events.rules)
2825485 - ETPRO CURRENT_EVENTS Microsoft Live Email Account Phishing Landing Mar 16 2017 (current_events.rules)
2825611 - ETPRO CURRENT_EVENTS Adobe Online Document Phishing Landing M1 Mar 25 2017 (current_events.rules)
2826557 - ETPRO CURRENT_EVENTS Dropbox Phishing Landing May 31 2017 (current_events.rules)
2826915 - ETPRO CURRENT_EVENTS Paypal Phishing Landing Jun 28 2017 (current_events.rules)
2826990 - ETPRO CURRENT_EVENTS Chase Mobile Phishing Landing M2 (current_events.rules)
2828385 - ETPRO CURRENT_EVENTS Chalbhai Phishing Landing Oct 23 2017 (current_events.rules)
2828602 - ETPRO CURRENT_EVENTS Apple Phishing Landing Nov 10 2017 (current_events.rules)
2828847 - ETPRO CURRENT_EVENTS Mailbox Shutdown Phishing Landing 2017-12-11 (current_events.rules)
2829018 - ETPRO CURRENT_EVENTS Generic Financial Phish Landing 2017-12-21 (current_events.rules)
2829266 - ETPRO CURRENT_EVENTS Generic Phishing Landing 2018-01-12 (current_events.rules)
2830789 - ETPRO CURRENT_EVENTS Possible Chalbhai (Multibrand) Phishing Landing 2018-05-10 (current_events.rules)

Date: 
Thursday, July 12, 2018 - 22:00