[***]            Summary:            [***]

6 new Open, 22 new Pro (6 + 16). CVE-2018-8460, MSIL.StillerBot, Win32/ASPC Bot/ARS Stealer, Various Phishing, Various Mobile.

[+++]          Added rules:          [+++]

Open:

2026531 - ET WEB_CLIENT IE Double Free (CVE-2018-8460) (web_client.rules)
2026532 - ET CURRENT_EVENTS Possible Successful Generic Phish to .ml Domain 2018-10-23 (current_events.rules)
2026533 - ET CURRENT_EVENTS Possible Successful Generic Phish to .cf Domain 2018-10-23 (current_events.rules)
2026534 - ET CURRENT_EVENTS Possible Successful Generic Phish to .ga Domain 2018-10-23 (current_events.rules)
2026535 - ET CURRENT_EVENTS Possible Successful Generic Phish to .gq Domain 2018-10-23 (current_events.rules)
2026536 - ET CURRENT_EVENTS Possible Successful Generic Phish to .gqn Domain 2018-10-23 (current_events.rules)

Pro:

2833241 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 4 (mobile_malware.rules)
2833242 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 447 (mobile_malware.rules)
2833243 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-23 1) (trojan.rules)
2833244 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-23 2) (trojan.rules)
2833245 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-23 3) (trojan.rules)
2833246 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-23 4) (trojan.rules)
2833247 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-10-23 5) (trojan.rules)
2833248 - ETPRO POLICY Suspicious EXE Download Content-Type image/jpeg (policy.rules)
2833249 - ETPRO TROJAN Win32/ASPC Bot/ARS Stealer Sending Screenshot (trojan.rules)
2833250 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-10-23 (current_events.rules)
2833251 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2018-10-23 (current_events.rules)
2833252 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-10-23 (current_events.rules)
2833253 - ETPRO TROJAN SSL/TLS Certificate Observed (Cobalt) (trojan.rules)
2833254 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-10-23 (current_events.rules)
2833255 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-10-23 (current_events.rules)
2833256 - ETPRO TROJAN SSL/TLS Certificate Observed (Win32/Fuerboos.C!cl) (trojan.rules)

[///]     Modified active rules:     [///]

2828578 - ETPRO MOBILE_MALWARE Android Bankbot CnC Beacon (mobile_malware.rules)

Date: 
Tuesday, October 23, 2018 - 00:00