[***] Summary: [***]
7 new Open, 18 new Pro (7 + 11). CPE Exploits, Win32/Agent.ZVX, MSIL/SeekerBot.
[+++] Added rules: [+++]
Open:
2026102 - ET EXPLOIT Linksys E-Series Device RCE Attempt (exploit.rules)
2026103 - ET EXPLOIT Possible Vacron NVR Remote Command Execution M2 (exploit.rules)
2026104 - ET EXPLOIT EnGenius EnShare IoT Gigabit Cloud Service RCE (exploit.rules)
2026105 - ET EXPLOIT Zyxel Command Injection RCE (CVE-2017-6884) (exploit.rules)
2026106 - ET EXPLOIT NetGain Enterprise Manager 7.2.562 Ping Command Injection (exploit.rules)
2026107 - ET EXPLOIT NUUO OS Command Injection (exploit.rules)
2026108 - ET EXPLOIT NUUO OS Command Injection M2 (exploit.rules)
Pro:
2832501 - ETPRO TROJAN Win32/Agent.ZVX CnC Checkin (trojan.rules)
2832502 - ETPRO CURRENT_EVENTS PowerShell Decoding Potential Stage 2 (current_events.rules)
2832503 - ETPRO TROJAN Win32/Remcos RAT Checkin 48 (trojan.rules)
2832504 - ETPRO TROJAN MSIL/SeekerBot IRC Checkin (trojan.rules)
2832505 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 1) (trojan.rules)
2832506 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 2) (trojan.rules)
2832507 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 3) (trojan.rules)
2832508 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 4) (trojan.rules)
2832509 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 5) (trojan.rules)
2832510 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 6) (trojan.rules)
2832511 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-09-10 7) (trojan.rules)
[///] Modified active rules: [///]
2026023 - ET EXPLOIT SonicWall Global Management System - XMLRPC set_time_zone Command Injection (CVE-2018-9866) (exploit.rules)
2826441 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 4 (mobile_malware.rules)