[***]            Summary:            [***]

7 new Open, 26 new Pro (7 + 19). CVE-2019-0604, CVE-2019-1003000, CVE-2017-1000395, CVE-2018-1000861, Various Phishing, Mobile.

[+++]          Added rules:          [+++]

Open:

2007994 - ET INFO Suspicious User-Agent (1 space) (info.rules)
2027345 - ET WEB_SPECIFIC_APPS Possible SharePoint RCE Attempt (CVE-2019-0604) (web_specific_apps.rules)
2027346 - ET WEB_SPECIFIC_APPS Jenkins RCE CVE-2019-1003000 (web_specific_apps.rules)
2027347 - ET WEB_SPECIFIC_APPS Jenkins Information Disclosure CVE-2017-1000395 (web_specific_apps.rules)
2027348 - ET WEB_SPECIFIC_APPS Jenkins Pre-auth User Information Leakage (web_specific_apps.rules)
2027349 - ET WEB_SPECIFIC_APPS Jenkins Chained Exploits CVE-2018-1000861 and CVE-2019-1003000 M1 (web_specific_apps.rules)
2027350 - ET WEB_SPECIFIC_APPS Jenkins Chained Exploits CVE-2018-1000861 and CVE-2019-1003000 M2 (web_specific_apps.rules)

Pro:

2836268 - ETPRO MOBILE_MALWARE Android/Spy.Banker.AJH Contact Exfil (mobile_malware.rules)
2836269 - ETPRO TROJAN QuasarRAT C2 KeepAlive (trojan.rules)
2836270 - ETPRO TROJAN QuasarRAT C2 Init (trojan.rules)
2836271 - ETPRO TROJAN Win32/QULAB Telegram Exfiltration (trojan.rules)
2836272 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-10 (current_events.rules)
2836273 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2019-05-10 (current_events.rules)
2836274 - ETPRO CURRENT_EVENTS Successful Intuit Quickbooks Phish 2019-05-10 (current_events.rules)
2836275 - ETPRO CURRENT_EVENTS Successful Apple iCloud Phish 2019-05-10 (current_events.rules)
2836276 - ETPRO CURRENT_EVENTS Successful ATT Phish 2019-05-10 (current_events.rules)
2836277 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-05-10 (current_events.rules)
2836278 - ETPRO CURRENT_EVENTS Successful Square Enix Phish 2019-05-10 (current_events.rules)
2836279 - ETPRO CURRENT_EVENTS Successful Verified by Visa Phish 2019-05-10 (current_events.rules)
2836280 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-05-10 (current_events.rules)
2836281 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-10 (current_events.rules)
2836282 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-10 (current_events.rules)
2836283 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-05-10 (current_events.rules)
2836284 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-05-10 (current_events.rules)
2836287 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-05-10 (current_events.rules)
2836288 - ETPRO TROJAN Dos.Linux/Elknot.BY Checkin (trojan.rules)

[---]         Disabled rules:        [---]

2027168 - ET POLICY Powershell Activity Over SMB - Likely Lateral Movement (policy.rules)

[---]         Removed rules:         [---]

2007994 - ET MALWARE Suspicious User-Agent (1 space) (malware.rules)

Date: 
Thursday, May 9, 2019 - 22:00