[***]            Summary:            [***]

5 new Open, 25 new Pro (5 + 20). DarkHotel, Android SmsSpy, Blackmoon, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027397 - ET POLICY Spotify P2P Client (policy.rules)
2027398 - ET TROJAN DarkHotel Payload Uploading to CnC (trojan.rules)
2027399 - ET TROJAN DarkHotel CnC Domain in DNS Lookup (trojan.rules)
2027400 - ET TROJAN DarkHotel CnC Domain in DNS Lookup (trojan.rules)
2027401 - ET TROJAN DarkHotel CnC Domain in DNS Lookup (trojan.rules)

Pro:

2836571 - ETPRO MOBILE_MALWARE Android/Hiddad.YJ Checkin (mobile_malware.rules)
2836572 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.CM CnC Beacon (mobile_malware.rules)
2836573 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-05-30 (current_events.rules)
2836574 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2019-05-30 (current_events.rules)
2836575 - ETPRO CURRENT_EVENTS Successful Magalu Phish 2019-05-30 (current_events.rules)
2836576 - ETPRO CURRENT_EVENTS Successful RBC Royal Bank Phish 2019-05-30 (current_events.rules)
2836577 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-05-30 (current_events.rules)
2836578 - ETPRO CURRENT_EVENTS Successful BBVA Phish 2019-05-30 (current_events.rules)
2836579 - ETPRO CURRENT_EVENTS Successful USAA Phish 2019-05-30 (current_events.rules)
2836580 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-30 (current_events.rules)
2836581 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-05-30 (current_events.rules)
2836582 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-05-30 (current_events.rules)
2836583 - ETPRO CURRENT_EVENTS Successful Desjardins Phish 2019-05-30 (current_events.rules)
2836584 - ETPRO CURRENT_EVENTS Successful 1&1 Phish 2019-05-30 (current_events.rules)
2836585 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-05-30 (current_events.rules)
2836586 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-05-30 (current_events.rules)
2836587 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-05-30 (current_events.rules)
2836589 - ETPRO CURRENT_EVENTS PowerShell WMI Event Filter Persistence Inbound (current_events.rules)
2836590 - ETPRO MALWARE Win32/Packed.BlackMoon PUP Activity (malware.rules)
2836591 - ETPRO TROJAN MSIL/Spy.Agent.BTP CnC Activity (trojan.rules)

[///]     Modified active rules:     [///]

2020705 - ET TROJAN Generic - Mozilla 4.0 EXE Request (trojan.rules)
2827279 - ETPRO TROJAN W32/Emotet.v4 Checkin (trojan.rules)

Date: 
Wednesday, May 29, 2019 - 22:00