[***]            Summary:            [***]

2 new Open, 16 new Pro (2 + 14). GhostDNS, Muhstik Bot, MalDoc SSL Cert. CnC Domain.

[+++]          Added rules:          [+++]

2026607 - ET TROJAN Muhstik Bot Reporting Vulnerable Server to CnC (trojan.rules)
2026608 - ET TROJAN JunkMiner Downloader Communicating with CnC (trojan.rules)
2833554 - ETPRO CURRENT_EVENTS MalDoc Retrieving Ursnif Payload 2018-11-14 (current_events.rules)
2833555 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-11-14) (current_events.rules)
2833556 - ETPRO TROJAN TeleGbot Exfiltrating Credit Card and Cookie Data (trojan.rules)
2833557 - ETPRO CURRENT_EVENTS GhostDNS JS DNSChanger Initial Landing Page 2018-11-14 (current_events.rules)
2833558 - ETPRO CURRENT_EVENTS GhostDNS JS DNSChanger Base64 Attack Modules Landing Page 2018-11-14 (current_events.rules)
2833559 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M1 (current_events.rules)
2833560 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M2 (current_events.rules)
2833561 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M3 (current_events.rules)
2833562 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M4 (current_events.rules)
2833563 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M5 (current_events.rules)
2833564 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M6 (Bruteforce) (current_events.rules)
2833565 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M7 (Bruteforce) (current_events.rules)
2833566 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M8 (Bruteforce) (current_events.rules)
2833567 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M9 (Bruteforce) (current_events.rules)

[///]     Modified active rules:     [///]

2833543 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-13 1) (trojan.rules)

Date: 
Wednesday, November 14, 2018 - 00:00