[***]            Summary:            [***]

9 new Pro. MAPP, Win32/Donloz.ALW, Cobint Module SSL.

August MAPP Coverage:
2832175 => CVE-2018-12799
2832176 => CVE-2018-12824
2832177 => CVE-2018-12826

[+++]          Added rules:          [+++]

Pro:

2832170 - ETPRO TROJAN Observed Malicious SSL Cert (Cobalt Strike CnC) (trojan.rules)
2832171 - ETPRO TROJAN Observed Malicious SSL Cert (Cobint Module CnC) (trojan.rules)
2832172 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-14 1) (trojan.rules)
2832173 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-14 2) (trojan.rules)
2832174 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-14 3) (trojan.rules)
2832175 - ETPRO EXPLOIT Adobe Reader Untrusted Pointer Dereference (CVE-2018-12799) (exploit.rules)
2832176 - ETPRO EXPLOIT Flash Player Out-of-bounds Read (CVE-2018-12824) (exploit.rules)
2832177 - ETPRO EXPLOIT Flash Player Out-of-bounds Read (CVE-2018-12826) (exploit.rules)
2832178 - ETPRO TROJAN Win32/Donloz.ALW Checkin M1 (trojan.rules)

[///]     Modified active rules:     [///]

2012811 - ET DNS Query to a .tk domain - Likely Hostile (dns.rules)
2014726 - ET POLICY Outdated Flash Version M1 (policy.rules)
2024379 - ET POLICY Outdated Flash Version M2 (policy.rules)
2831954 - ETPRO USER_AGENTS Nullsoft Mozilla UA (NSISDL) (user_agents.rules)

Date: 
Monday, August 13, 2018 - 22:00