[***]            Summary:            [***]

3 new Open, 26 new Pro (3 + 23). Eir D1000 Remote Command Injection, CVE-2019-7238, CVE-2019-6340, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027374 - ET CURRENT_EVENTS Unknown VBScript Loader with Encoded PowerShell Execution Inbound (current_events.rules)
2027375 - ET EXPLOIT Eir D1000 Remote Command Injection Attempt Inbound (exploit.rules)
2027376 - ET EXPLOIT Eir D1000 Remote Command Injection Attempt Outbound (exploit.rules)

Pro:

2836449 - ETPRO MOBILE_MALWARE Android/Clicker.KN CnC Beacon (mobile_malware.rules)
2836450 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-05-23 1) (trojan.rules)
2836451 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-05-23 2) (trojan.rules)
2836452 - ETPRO CURRENT_EVENTS Successful Google Account Phish 2019-05-23 (current_events.rules)
2836453 - ETPRO CURRENT_EVENTS Successful Unicredit Phish 2019-05-23 (current_events.rules)
2836454 - ETPRO CURRENT_EVENTS Successful Alibaba Phish 2019-05-23 (current_events.rules)
2836455 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-05-23 (current_events.rules)
2836456 - ETPRO CURRENT_EVENTS Successful Comcast / Xfinity Phish 2019-05-23 (current_events.rules)
2836457 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-05-23 (current_events.rules)
2836458 - ETPRO CURRENT_EVENTS Successful Banko Kuponu Phish 2019-05-23 (current_events.rules)
2836459 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-05-23 (current_events.rules)
2836460 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-05-23 (current_events.rules)
2836461 - ETPRO CURRENT_EVENTS Successful Bouygues Telecom Phish 2019-05-23 (current_events.rules)
2836462 - ETPRO CURRENT_EVENTS Successful Telia Phish 2019-05-23 (current_events.rules)
2836463 - ETPRO CURRENT_EVENTS Successful Luno Phish 2019-05-23 (current_events.rules)
2836464 - ETPRO CURRENT_EVENTS Successful Firebase Hosted Phish 2019-05-23 (current_events.rules)
2836465 - ETPRO CURRENT_EVENTS Successful Undelivered Mails Phish 2019-05-23 (current_events.rules)
2836466 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-05-23 (current_events.rules)
2836467 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-05-23 (current_events.rules)
2836496 - ETPRO POLICY External IP Lookup Request (policy.rules)
2836497 - ETPRO TROJAN Possible Kimsuky Phishing or Malware DNS Lookup (trojan.rules)
2836498 - ETPRO WEB_SPECIFIC_APPS Sonatype Nexus Repository Manager 3 - CVE-2019-7238 (web_specific_apps.rules)
2836499 - ETPRO WEB_SPECIFIC_APPS Drupal RESTful Web Services Deserialize RCE - CVE-2019-6340 (web_specific_apps.rules)

[///]     Modified active rules:     [///]

2815440 - ETPRO TROJAN Elmer Checkin (trojan.rules)

[---]         Disabled rules:        [---]

2027191 - ET POLICY Executable Transfer in SMB (policy.rules)

Date: 
Wednesday, May 22, 2019 - 22:00