[***] Summary: [***]
10 new Open, 30 new Pro (10 + 20). Win32/Phorpiex, Backdoor.Ranky, PoisonFang Ransomware, Various Phish, Mobile.
[+++] Added rules: [+++]
Open:
2025870 - ET CURRENT_EVENTS Badoo Phishing Landing 2018-07-19 (current_events.rules)
2025871 - ET CURRENT_EVENTS GitLab Phishing Landing 2018-07-19 (current_events.rules)
2025872 - ET CURRENT_EVENTS Fake 404 With Hidden Login Form (current_events.rules)
2025873 - ET CURRENT_EVENTS Github Phishing Landing 2018-07-19 (current_events.rules)
2025874 - ET CURRENT_EVENTS Twitter Phishing Landing 2018-07-19 (current_events.rules)
2025875 - ET CURRENT_EVENTS Netflix Phishing Landing 2017-07-20 (current_events.rules)
2025876 - ET CURRENT_EVENTS LinkedIn Phishing Landing 2017-07-20 (current_events.rules)
2025877 - ET WEB_SPECIFIC_APPS XML External Entity Information Disclosure (web_specific_apps.rules)
2025878 - ET WEB_SPECIFIC_APPS XML External Entity Remote Code Execution (web_specific_apps.rules)
2025879 - ET ATTACK_RESPONSE passwd file Outbound from WEB SERVER Linux (attack_response.rules)
Pro:
2831905 - ETPRO MOBILE_MALWARE Android/Styricka.C CnC Responding with Config (mobile_malware.rules)
2831906 - ETPRO TROJAN Win32/Phorpiex Crypto Stealer Module EXE Inbound (trojan.rules)
2831907 - ETPRO TROJAN Win32.Frauder.ahk Checkin M2 (trojan.rules)
2831908 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-07-20) (current_events.rules)
2831909 - ETPRO TROJAN Win32.Backdoor.Ranky/Prophet Checkin M1 (trojan.rules)
2831910 - ETPRO TROJAN Magic HTTP CnC Checkin (trojan.rules)
2831911 - ETPRO TROJAN Win32.Backdoor.Ranky/Prophet Checkin M2 (trojan.rules)
2831912 - ETPRO TROJAN PoisonFang Ransomware CnC Checkin/Keep-Alive (trojan.rules)
2831913 - ETPRO TROJAN PoisonFang Ransomware CnC Key Exchange (trojan.rules)
2831914 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-20 1) (trojan.rules)
2831915 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-20 2) (trojan.rules)
2831916 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-07-20 3) (trojan.rules)
2831917 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20 (current_events.rules)
2831918 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20 (current_events.rules)
2831919 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20 (current_events.rules)
2831920 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-07-20 (current_events.rules)
2831921 - ETPRO CURRENT_EVENTS Successful OneDrive/Office 365 Phish 2018-07-20 (current_events.rules)
2831922 - ETPRO CURRENT_EVENTS Successful Dropbox Phish 2018-07-20 (current_events.rules)
2831923 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2018-07-20 (current_events.rules)
2831924 - ETPRO CURRENT_EVENTS Successful Randomized Paypal Phish 2018-07-20 (current_events.rules)
[///] Modified active rules: [///]
2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules)
[---] Removed rules: [---]
2831882 - ETPRO CURRENT_EVENTS Badoo Phishing Landing 2018-07-19 (current_events.rules)
2831883 - ETPRO CURRENT_EVENTS GitLab Phishing Landing 2018-07-19 (current_events.rules)
2831884 - ETPRO CURRENT_EVENTS Fake 404 With Hidden Login Form (current_events.rules)
2831885 - ETPRO CURRENT_EVENTS Github Phishing Landing 2018-07-19 (current_events.rules)
2831886 - ETPRO CURRENT_EVENTS Twitter Phishing Landing 2018-07-19 (current_events.rules)