[***]            Summary:            [***]

3 new Open, 5 new Pro (3 + 2). CVE-2017-7924, SharpShooter, Various SSL/TLS.

Thanks to Kevin Ross, José Diogo Monteiro, Luis Rosa, and Miguel Borges de Freitas

[+++]          Added rules:          [+++]

Open:

2026917 - ET EXPLOIT Possible MicroLogix 1100 PCCC DoS Condition (CVE-2017-7924) (exploit.rules)
2026918 - ET TROJAN Possible SharpShooter Framework Generated Script (trojan.rules)
2026919 - ET TROJAN Possible SharpShooter Framework Generated VBS Script (trojan.rules)

Pro:

2834904 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2834905 - ETPRO TROJAN Observed DNS Query to Known DNS Exfil CnC Domain (trojan.rules)

Date: 
Sunday, February 17, 2019 - 22:00