[***]            Summary:            [***]

7 new Open, 23 new Pro (7 + 16). CVE-2018-8174 B64, Spelevo EK, Various Phish.

TIIM

[+++]          Added rules:          [+++]

Open:

2027069 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M1 (exploit.rules)
2027070 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M2 (exploit.rules)
2027071 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M3 (exploit.rules)
2027072 - ET CURRENT_EVENTS Spelevo EK Landing M1 (current_events.rules)
2027073 - ET CURRENT_EVENTS Spelevo EK Landing M2 (current_events.rules)
2027074 - ET CURRENT_EVENTS Spelevo EK Landing M3 (current_events.rules)
2027075 - ET CURRENT_EVENTS Spelevo EK Post-Compromise Data Dump (current_events.rules)

Pro:

2835271 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 11 (mobile_malware.rules)
2835272 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 12 (mobile_malware.rules)
2835273 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 13 (mobile_malware.rules)
2835274 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-03-11) (current_events.rules)
2835275 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-03-11 (current_events.rules)
2835276 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-03-11 (current_events.rules)
2835277 - ETPRO CURRENT_EVENTS Successful Generic Personalized Phish 2019-03-11 (current_events.rules)
2835278 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-03-11 (current_events.rules)
2835279 - ETPRO CURRENT_EVENTS Successful Generic Encrypted Message Phish 2019-03-11 (current_events.rules)
2835280 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-03-11 (current_events.rules)
2835281 - ETPRO CURRENT_EVENTS Successful Cox Phish 2019-03-11 (current_events.rules)
2835282 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-11 (current_events.rules)
2835283 - ETPRO CURRENT_EVENTS Successful Paypal FR Phish 2019-03-11 (current_events.rules)
2835284 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-11 (current_events.rules)
2835285 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-11 (current_events.rules)
2835286 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7 GRIFFON CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2012390 - ET P2P Libtorrent User-Agent (p2p.rules)
2014170 - ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related (policy.rules)
2025627 - ET INFO [eSentire] Possible Kali Linux Updates (info.rules)

Date: 
Sunday, March 10, 2019 - 22:00