[***]            Summary:            [***]

1 new Open, 36 new Pro (1 + 35). CVE-2018-8653, Engset, Various CoinMiners, Various Phish.

Thanks: James Lay

[+++]          Added rules:          [+++]

Open:

2026740 - ET TROJAN W32.Engset.Unknown Checkin (trojan.rules)

Pro:

2834017 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 458 (mobile_malware.rules)
2834018 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 1) (trojan.rules)
2834019 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 2) (trojan.rules)
2834020 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 3) (trojan.rules)
2834021 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 4) (trojan.rules)
2834022 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 5) (trojan.rules)
2834023 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 6) (trojan.rules)
2834024 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 7) (trojan.rules)
2834025 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 8) (trojan.rules)
2834026 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 9) (trojan.rules)
2834027 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 10) (trojan.rules)
2834028 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 11) (trojan.rules)
2834029 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-12-20 12) (trojan.rules)
2834030 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)
2834031 - ETPRO POLICY Observed Suspicious SSL Cert (uploadexe .net Free File Hosting - Possibly Malicious) (policy.rules)
2834032 - ETPRO CURRENT_EVENTS Successful Google Account Phish 2018-12-20 (current_events.rules)
2834033 - ETPRO CURRENT_EVENTS Successful Blockchain Phish 2018-12-20 (current_events.rules)
2834034 - ETPRO CURRENT_EVENTS Successful ING Phish 2018-12-20 (current_events.rules)
2834035 - ETPRO CURRENT_EVENTS Successful NatWest Phish 2018-12-20 (current_events.rules)
2834036 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2018-12-20 (current_events.rules)
2834037 - ETPRO CURRENT_EVENTS Successful USAA Phish 2018-12-20 (current_events.rules)
2834038 - ETPRO CURRENT_EVENTS Successful Microsoft Link Validation Phish 2018-12-20 (current_events.rules)
2834039 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-12-20 (current_events.rules)
2834040 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-12-20 (current_events.rules)
2834041 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2018-12-20 (current_events.rules)
2834042 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2018-12-20 (current_events.rules)
2834043 - ETPRO CURRENT_EVENTS Successful Fidelity Phish 2018-12-20 (current_events.rules)
2834044 - ETPRO CURRENT_EVENTS Successful RBC Phish 2018-12-20 (current_events.rules)
2834045 - ETPRO CURRENT_EVENTS Successful Fifth Third Bank Phish 2018-12-20 (current_events.rules)
2834046 - ETPRO CURRENT_EVENTS Successful Amazon Phish 2018-12-20 (current_events.rules)
2834047 - ETPRO CURRENT_EVENTS Successful Amazon Phish 2018-12-20 (current_events.rules)
2834048 - ETPRO CURRENT_EVENTS Successful Amazon Phish 2018-12-20 (current_events.rules)
2834049 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt Inbound M1 (CVE-2018-8653) (exploit.rules)
2834050 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt Inbound M2 (CVE-2018-8653) (exploit.rules)
2834051 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt Inbound M3 (CVE-2018-8653) (exploit.rules)

[///]     Modified active rules:     [///]

2833062 - ETPRO TROJAN Observed Gootkit Style SSL Certificate (trojan.rules)

[---]         Removed rules:         [---]

2018045 - ET CURRENT_EVENTS Visa Phishing Landing Jan 30 2014 (current_events.rules)

Date: Wednesday, December 19, 2018 - 22:00