[***]            Summary:            [***]

2 new Open, 33 new Pro (2 + 31). Trickbot, Various Phish, Various certs.

Thanks: PTSecurity (@attackdetection)

[+++]          Added rules:          [+++]

Open:

2026738 - ET TROJAN [PTsecurity] Trickbot Data Exfiltration (trojan.rules)
2026739 - ET WEB_SPECIFIC_APPS Jenkins Attempted LFI Exploitation (CVE-2018-17246) (web_specific_apps.rules)

Pro:

2833986 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 457 (mobile_malware.rules)
2833987 - ETPRO TROJAN Rogue ProxyAutoConfig Domain in DNS Lookup (trojan.rules)
2833988 - ETPRO MALWARE PUP.PCmedic Module DL (malware.rules)
2833989 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 1) (trojan.rules)
2833990 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 2) (trojan.rules)
2833991 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 3) (trojan.rules)
2833992 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 4) (trojan.rules)
2833993 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 5) (trojan.rules)
2833994 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 6) (trojan.rules)
2833995 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 7) (trojan.rules)
2833996 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 8) (trojan.rules)
2833997 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-19 9) (trojan.rules)
2833998 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-12-19 (current_events.rules)
2833999 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-12-19 (current_events.rules)
2834000 - ETPRO CURRENT_EVENTS Successful Bittrex Phish 2018-12-19 (current_events.rules)
2834001 - ETPRO CURRENT_EVENTS Successful Fibank Phish 2018-12-19 (current_events.rules)
2834002 - ETPRO CURRENT_EVENTS Successful Fibank Phish 2018-12-19 (current_events.rules)
2834003 - ETPRO CURRENT_EVENTS Successful US Bank Phish 2018-12-19 (current_events.rules)
2834004 - ETPRO CURRENT_EVENTS Successful Bell Phish 2018-12-19 (current_events.rules)
2834005 - ETPRO CURRENT_EVENTS Successful DHL Phish 2018-12-19 (current_events.rules)
2834006 - ETPRO CURRENT_EVENTS Successful Microsoft Phish 2018-12-19 (current_events.rules)
2834007 - ETPRO CURRENT_EVENTS Successful Simplii Phish 2018-12-19 (current_events.rules)
2834008 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-12-19 (current_events.rules)
2834009 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2018-12-19 (current_events.rules)
2834010 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2018-12-19 (current_events.rules)
2834011 - ETPRO CURRENT_EVENTS Successful Microsoft Outlook Phish 2018-12-19 (current_events.rules)
2834012 - ETPRO CURRENT_EVENTS Successful NAB Phish 2018-12-19 (current_events.rules)
2834013 - ETPRO CURRENT_EVENTS Successful Facebook DMCA Phish 2018-12-19 (current_events.rules)
2834014 - ETPRO TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
2834015 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
2834016 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7 CnC) (trojan.rules)

Date: 
Tuesday, December 18, 2018 - 22:00