[***]            Summary:            [***]

1 new Open, 37 new Pro (1 + 36). CobInt SSL, XiaPost, psiXBot, Various Mobile, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2026859 - ET TROJAN Observed Malicious SSL Cert (Donot Group/APT-C-35 CnC) (trojan.rules)

Pro:

2834590 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.abw CnC Beacon (mobile_malware.rules)
2834591 - ETPRO MOBILE_MALWARE Android/Cbsha Checkin (mobile_malware.rules)
2834592 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.CBU CnC Beacon (mobile_malware.rules)
2834593 - ETPRO MOBILE_MALWARE Android/SmiLogger Activity (mobile_malware.rules)
2834594 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.WXZM-2 Reporting Device Location (mobile_malware.rules)
2834595 - ETPRO MOBILE_MALWARE Android/AdDisplay.Youmi.N CnC Beacon (mobile_malware.rules)
2834596 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 1) (trojan.rules)
2834597 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 2) (trojan.rules)
2834598 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 3) (trojan.rules)
2834599 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 4) (trojan.rules)
2834600 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 5) (trojan.rules)
2834601 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-28 6) (trojan.rules)
2834602 - ETPRO TROJAN Observed Malicious SSL Cert (CobInt CnC) (trojan.rules)
2834603 - ETPRO TROJAN Observed Malicious SSL Cert (CobInt CnC) (trojan.rules)
2834604 - ETPRO TROJAN Observed Malicious SSL Cert (Unk.BR Banker CnC) (trojan.rules)
2834605 - ETPRO TROJAN Sharik/Smoke CnC Beacon 13 (trojan.rules)
2834606 - ETPRO TROJAN Unk.Backdoor CnC Response (trojan.rules)
2834607 - ETPRO POLICY External GeoIP Lookup via vtransmit .com (policy.rules)
2834608 - ETPRO MALWARE Observed Malicious SSL Cert (Win32/Xetapp PUP/PUA) (malware.rules)
2834609 - ETPRO TROJAN XiaPost CnC Checkin (trojan.rules)
2834610 - ETPRO CURRENT_EVENTS Successful Barclays Card Phish 2019-01-28 (current_events.rules)
2834611 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-01-28 (current_events.rules)
2834612 - ETPRO CURRENT_EVENTS Successful USAA Phish 2019-01-28 (current_events.rules)
2834613 - ETPRO CURRENT_EVENTS Successful M&T Phish 2019-01-28 (current_events.rules)
2834614 - ETPRO CURRENT_EVENTS Successful AliExpress Phish 2019-01-28 (current_events.rules)
2834615 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-01-28 (current_events.rules)
2834616 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-01-28 (current_events.rules)
2834617 - ETPRO CURRENT_EVENTS Successful Halkbank Phish 2019-01-28 (current_events.rules)
2834618 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-01-28 (current_events.rules)
2834619 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-01-28 (current_events.rules)
2834620 - ETPRO TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
2834621 - ETPRO TROJAN psiXBot DNS Lookup (trojan.rules)
2834622 - ETPRO TROJAN psiXBot DNS Lookup (trojan.rules)
2834623 - ETPRO TROJAN psiXBot DNS Lookup (trojan.rules)
2834624 - ETPRO TROJAN psiXBot DNS Lookup (trojan.rules)
2834625 - ETPRO TROJAN psiXBot DNS Lookup (trojan.rules)

[///]     Modified active rules:     [///]

2009099 - ET P2P ThunderNetwork UDP Traffic (p2p.rules)
2014297 - ET POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
2019401 - ET POLICY Vulnerable Java Version 1.8.x Detected (policy.rules)
2026611 - ET TROJAN TEMP.Periscope APT Domain in DNS Lookup (trojan.rules)
2832198 - ETPRO MOBILE_MALWARE DonotGroup/APT-C-35 Android App C2 Response (mobile_malware.rules)

Date: 
Sunday, January 27, 2019 - 22:00