Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/08/21

[***]            Summary:            [***]

4 new Open, 20 new Pro (4 + 16). Remcos RAT, Win32.Dostre.a, Br.Bancos Variant, Various Mobile.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026003 - ET SCADA SEIG SYSTEM 9 - Remote Code Execution (scada.rules)
2026004 - ET TROJAN [PTsecurity] Remcos RAT Checkin 26 (trojan.rules)
2026005 - ET SCADA SEIG Modbus 3.4 - Remote Code Execution (scada.rules)
2026006 - ET CURRENT_EVENTS Successful Generic Phish Phish 2018-08-21 (current_events.rules)

Pro:

2832241 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Anubis SSL CnC Cert (mobile_malware.rules)
2832242 - ETPRO TROJAN Trojan.Win32.Dostre.a IP Check (trojan.rules)
2832243 - ETPRO TROJAN Trojan.Win32.Dostre.a UDP CnC (trojan.rules)
2832244 - ETPRO TROJAN MSIL/Br.Bancos Variant CnC Checkin (trojan.rules)
2832245 - ETPRO CURRENT_EVENTS Possible More_eggs Connectivity Check M2 (current_events.rules)
2832246 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-08-21) (current_events.rules)
2832247 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-08-21 2) (current_events.rules)
2832248 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-08-21 3) (current_events.rules)
2832249 - ETPRO CURRENT_EVENTS Successful BT Phish 2018-08-21 (current_events.rules)
2832250 - ETPRO CURRENT_EVENTS Successful RBC Royal Bank Phish 2018-08-21 (current_events.rules)
2832251 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2018-08-21 (current_events.rules)
2832252 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-21 1) (trojan.rules)
2832253 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-21 2) (trojan.rules)
2832254 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-21 3) (trojan.rules)
2832255 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-21 4) (trojan.rules)
2832256 - ETPRO TROJAN Win32/BedBug Password Exfil (trojan.rules)

[///]     Modified active rules:     [///]

2021117 - ET TROJAN Win32/Rallovs.A CnC Beacon (trojan.rules)
2832147 - ETPRO CURRENT_EVENTS JS/BrushaLoader CnC Checkin M2 (current_events.rules)

[---]         Removed rules:         [---]

2016522 - ET CURRENT_EVENTS Unknown Exploit Kit Payload Request (current_events.rules)

Date:
Summary title:
4 new Open, 20 new Pro (4 + 16). Remcos RAT, Win32.Dostre.a, Br.Bancos Variant, Various Mobile.