[***] Summary: [***]
2 new Open, 22 new Pro (2 + 19). CVE-2019-1652, FIN7/Griffon SSL, Various Mobile, Various Phishing.
[+++] Added rules: [+++]
Open:
2026860 - ET EXPLOIT Possible Cisco RV320 RCE Attempt (CVE-2019-1652) (exploit.rules)
2026861 - ET TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
Pro:
2834626 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent Reporting Google Password (mobile_malware.rules)
2834627 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-29 1) (trojan.rules)
2834628 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-01-29 2) (trojan.rules)
2834629 - ETPRO CURRENT_EVENTS Likely Fake Flash Callback Domain (current_events.rules)
2834630 - ETPRO INFO Likely Scam Callback Domain (info.rules)
2834631 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7/Griffon CnC) (trojan.rules)
2834632 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-01-29 (current_events.rules)
2834633 - ETPRO CURRENT_EVENTS Successful Maersk Phish 2019-01-29 (current_events.rules)
2834634 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-01-29 (current_events.rules)
2834635 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Phish 2019-01-29 (current_events.rules)
2834636 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-01-29 (current_events.rules)
2834637 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-01-29 (current_events.rules)
2834638 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-01-29 (current_events.rules)
2834639 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-01-29 (current_events.rules)
2834640 - ETPRO CURRENT_EVENTS Successful ZipRecruiter Phish 2019-01-29 (current_events.rules)
2834641 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2019-01-29 (current_events.rules)
2834642 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-01-29 (current_events.rules)
2834643 - ETPRO CURRENT_EVENTS Successful OCN Webmail Phish 2019-01-29 (current_events.rules)
2834644 - ETPRO CURRENT_EVENTS Successful Sharepoint Phish 2019-01-29 (current_events.rules)
[///] Modified active rules: [///]
2023349 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 106 (trojan.rules)