[***] Summary: [***]
2 new Open, 16 new Pro (2 + 14). GhostDNS, Muhstik Bot, MalDoc SSL Cert. CnC Domain.
[+++] Added rules: [+++]
2026607 - ET TROJAN Muhstik Bot Reporting Vulnerable Server to CnC (trojan.rules)
2026608 - ET TROJAN JunkMiner Downloader Communicating with CnC (trojan.rules)
2833554 - ETPRO CURRENT_EVENTS MalDoc Retrieving Ursnif Payload 2018-11-14 (current_events.rules)
2833555 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-11-14) (current_events.rules)
2833556 - ETPRO TROJAN TeleGbot Exfiltrating Credit Card and Cookie Data (trojan.rules)
2833557 - ETPRO CURRENT_EVENTS GhostDNS JS DNSChanger Initial Landing Page 2018-11-14 (current_events.rules)
2833558 - ETPRO CURRENT_EVENTS GhostDNS JS DNSChanger Base64 Attack Modules Landing Page 2018-11-14 (current_events.rules)
2833559 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M1 (current_events.rules)
2833560 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M2 (current_events.rules)
2833561 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M3 (current_events.rules)
2833562 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M4 (current_events.rules)
2833563 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M5 (current_events.rules)
2833564 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M6 (Bruteforce) (current_events.rules)
2833565 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M7 (Bruteforce) (current_events.rules)
2833566 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M8 (Bruteforce) (current_events.rules)
2833567 - ETPRO CURRENT_EVENTS Possible GhostDNS Attempting Intranet Router Compromise M9 (Bruteforce) (current_events.rules)
[///] Modified active rules: [///]
2833543 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-11-13 1) (trojan.rules)