Daily Ruleset Update Summary
Daily Ruleset Update Summary 2018/08/22

[***]            Summary:            [***]

9 new Open, 32 new Pro (9 + 23). Geutebrueck re_porter, MSIL/Biskvit.A, MSIL/EWX.Loader, Various Mobile, Phish.

Thanks: @AttackDetection

[+++]          Added rules:          [+++]

Open:

2026007 - ET TROJAN [PTsecurity] MSIL/Biskvit.A Check-in (trojan.rules)
2026008 - ET SCAN Geutebrueck re_porter 7.8.974.20 Information Disclosure (scan.rules)
2026009 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 1 (web_specific_apps.rules)
2026010 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 2 (web_specific_apps.rules)
2026011 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 3 (web_specific_apps.rules)
2026012 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 4 (web_specific_apps.rules)
2026013 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 5 (web_specific_apps.rules)
2026014 - ET WEB_SPECIFIC_APPS Geutebrueck re_porter 16 - Cross-Site Scripting 6 (web_specific_apps.rules)
2026015 - ET SCAN Hikvision IP Camera 5.4.0 Information Disclosure (scan.rules)

Pro:

2832257 - ETPRO TROJAN Win32/Zpevdo.A Check-in (trojan.rules)
2832258 - ETPRO TROJAN Win32/Trojan.Fuerboos Checkin (trojan.rules)
2832259 - ETPRO POLICY Observed MSI Download (policy.rules)
2832260 - ETPRO POLICY Hashvault Monero Miner Pool Configuration File Downloaded (policy.rules)
2832261 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 2 (mobile_malware.rules)
2832262 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 3 (mobile_malware.rules)
2832263 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 4 (mobile_malware.rules)
2832264 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 5 (mobile_malware.rules)
2832265 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 6 (mobile_malware.rules)
2832266 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 7 (mobile_malware.rules)
2832267 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Handda.san Checkin 8 (mobile_malware.rules)
2832268 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-08-22) (current_events.rules)
2832269 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-08-22 Domain (www .tljcutnedge .co .za in TLS SNI) (current_events.rules)
2832270 - ETPRO TROJAN Observed Malicious SSL Cert (BedBug Downloader) (trojan.rules)
2832271 - ETPRO TROJAN MSIL/EWX.Loader Checkin (trojan.rules)
2832272 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-08-22 (current_events.rules)
2832273 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-08-22 (current_events.rules)
2832274 - ETPRO TROJAN MSIL/SliderBot CnC Checkin (trojan.rules)
2832275 - ETPRO CURRENT_EVENTS Successful Google Account Phish 2018-08-22 (current_events.rules)
2832276 - ETPRO TROJAN Win32/Zpevdo.A Stealer Checkin (trojan.rules)
2832277 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-22 1) (trojan.rules)
2832278 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-22 2) (trojan.rules)
2832279 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-08-22 3) (trojan.rules)

[///]     Modified active rules:     [///]

2830193 - ETPRO TROJAN Ursnif CnC Checkin (trojan.rules)

[---]         Removed rules:         [---]

2021117 - ET TROJAN Win32/Rallovs.A CnC Beacon (trojan.rules)

Date:
Summary title:
9 new Open, 32 new Pro (9 + 23). Geutebrueck re_porter, MSIL/Biskvit.A, MSIL/EWX.Loader, Various Mobile, Phish.