[***]            Summary:            [***]

2 new Open, 12 new Pro (2 + 10). ELF/Samba, WebBrowserPassView Exfil, ShieldPush Bot.

[+++]          Added rules:          [+++]

2026717 - ET TROJAN ELF/Samba CnC Checkin (trojan.rules)
2026718 - ET POLICY External IP Lookup Domain (ifconfig .me) (policy.rules)
2833866 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 1) (trojan.rules)
2833867 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 2) (trojan.rules)
2833868 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 3) (trojan.rules)
2833869 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 4) (trojan.rules)
2833870 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 5) (trojan.rules)
2833871 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 6) (trojan.rules)
2833872 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-10 7) (trojan.rules)
2833873 - ETPRO TROJAN WebBrowserPassView Exfil via HTTP (trojan.rules)
2833874 - ETPRO TROJAN ShieldPush Bot CnC Checkin (trojan.rules)
2833875 - ETPRO POLICY External Proxy/VPN IP Check (policy.rules)

[///]     Modified active rules:     [///]

2823423 - ETPRO TROJAN FF49 Bot CnC Beacon (trojan.rules)
2833757 - ETPRO TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
2833758 - ETPRO TROJAN BrushaLoader CnC Domain in SNI (trojan.rules)

Date: 
Sunday, December 9, 2018 - 22:00