[***]            Summary:            [***]

4 new Open, 26 new Pro (4 + 22). Operation Cobra Venom, Various Phishing, UnHuman Bot, Various Android.

[+++]          Added rules:          [+++]

Open:

2026763 - ET TROJAN Operation Cobra Venom Stage 1 DNS Lookup (trojan.rules)
2026764 - ET TROJAN Operation Cobra Venom WSF Stage 1 - CnC Checkin (trojan.rules)
2026765 - ET TROJAN Operation Cobra Venom WSF Stage 1 - File Decode Completed (trojan.rules)
2026766 - ET TROJAN Operation Cobra Venom WSF Stage 2 - CnC Checkin (trojan.rules)

Pro:

2834266 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 7 (mobile_malware.rules)
2834267 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 8 (mobile_malware.rules)
2834268 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 9 (mobile_malware.rules)
2834269 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 10 (mobile_malware.rules)
2834270 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.XM Checkin (mobile_malware.rules)
2834271 - ETPRO MOBILE_MALWARE Risktool.AndroidOS.FakGram.a Checkin (mobile_malware.rules)
2834272 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-08 1) (trojan.rules)
2834273 - ETPRO TROJAN UnHuman Bot CnC Activity (trojan.rules)
2834274 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-01-08) (current_events.rules)
2834275 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-01-08 2) (current_events.rules)
2834276 - ETPRO CURRENT_EVENTS Successful KBC Bank Phish 2019-01-08 (current_events.rules)
2834277 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-01-08 (current_events.rules)
2834278 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-01-08 (current_events.rules)
2834279 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-01-08 (current_events.rules)
2834280 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-01-08 (current_events.rules)
2834281 - ETPRO CURRENT_EVENTS Successful Luno Phish 2019-01-02 (current_events.rules)
2834282 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-01-08 (current_events.rules)
2834283 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-01-08 (current_events.rules)
2834284 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-01-08 (current_events.rules)
2834285 - ETPRO CURRENT_EVENTS Successful Microsoft Account Voicemail Phish 2019-01-08 (current_events.rules)
2834286 - ETPRO CURRENT_EVENTS Successful 1&1 Hosting Phish 2019-01-08 (current_events.rules)
2834287 - ETPRO TROJAN PS/Unk Communicating with CnC (trojan.rules)

[///]     Modified active rules:     [///]

2815463 - ETPRO TROJAN Win32/Megalodon/AgentTesla Conn Check (trojan.rules)

Date: 
Monday, January 7, 2019 - 22:00