[***]            Summary:            [***]

8 new Open, 27 new Pro (8 + 19).  MageCart, Zegost, FIN7, Various Phish.

[+++]          Added rules:          [+++]

Open:

2027471 - ET INFO Suspicious Registrar Nameservers in DNS Response (carbon2u) (info.rules)
2027472 - ET TROJAN Observed Malicious SSL Cert (MageCart CnC) (trojan.rules)
2027473 - ET TROJAN Observed Malicious SSL Cert (MageCart CnC) (trojan.rules)
2027474 - ET TROJAN Observed Malicious SSL Cert (MageCart CnC) (trojan.rules)
2027475 - ET TROJAN Observed Malicious SSL Cert (MageCart CnC) (trojan.rules)
2027476 - ET TROJAN Observed Malicious SSL Cert (MageCart CnC) (trojan.rules)
2027477 - ET TROJAN SSL/TLS Certificate Observed (Maldoc CnC) (trojan.rules)
2027478 - ET TROJAN Packed Perl with Eval Statement (trojan.rules)

Pro:

2836841 - ETPRO MOBILE_MALWARE Android/Agent.BHM Checkin (mobile_malware.rules)
2836842 - ETPRO MOBILE_MALWARE Android/TrojanDownloader.Agent.CC Checkin (mobile_malware.rules)
2836843 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-06-14) (current_events.rules)
2836844 - ETPRO TROJAN Win32/Zegost.L CnC Activity (trojan.rules)
2836845 - ETPRO TROJAN Observed DNS Query to FIN7/Griffon CnC Domain (trojan.rules)
2836846 - ETPRO CURRENT_EVENTS Successful LCL Phish 2019-06-14 (current_events.rules)
2836847 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-06-14 (current_events.rules)
2836848 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-06-14 (current_events.rules)
2836849 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-14 (current_events.rules)
2836850 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-14 (current_events.rules)
2836851 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-06-14 (current_events.rules)
2836852 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-14 (current_events.rules)
2836853 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-06-14 (current_events.rules)
2836854 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-06-14 (current_events.rules)
2836855 - ETPRO CURRENT_EVENTS Successful Adobe PDF Online Phish 2019-06-14 (current_events.rules)
2836856 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-06-14 (current_events.rules)
2836857 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-14 1) (trojan.rules)
2836858 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-14 2) (trojan.rules)
2836859 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-06-14 3) (trojan.rules)

[///]     Modified active rules:     [///]

2016809 - ET TROJAN Win32/Urausy.C Checkin 3 (trojan.rules)
2016948 - ET TROJAN Win32.Bicololo Response 2 (trojan.rules)
2021381 - ET TROJAN Zberp receiving config via image file - SET (trojan.rules)
2027245 - ET POLICY Request for Possible Office Phishing Hosted on Github.io (policy.rules)
2802990 - ETPRO WEB_CLIENT MSIE cdl Protocol HTTP Redirect Attack (web_client.rules)
2810961 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption Vulnerability (CVE-2015-1689) (web_client.rules)
2810991 - ETPRO TROJAN SEDNIT CnC Beacon 1 (trojan.rules)
2812916 - ETPRO WEB_CLIENT Possible Windows Media Center Remote Code Execution (CVE-2015-2509) 3 (web_client.rules)
2814883 - ETPRO TROJAN Gippers CnC Beacon 1 (trojan.rules)
2816647 - ETPRO TROJAN Win32/Dupzom Retrieving Payload 2 (trojan.rules)
2816857 - ETPRO TROJAN W32/TrojanPSW.Ruftar Checkin (trojan.rules)
2822979 - ETPRO CURRENT_EVENTS Possible Bizarro SunDown Payload (current_events.rules)
2823166 - ETPRO TROJAN August Stealer CnC Checkin (trojan.rules)
2827580 - ETPRO TROJAN W32/Emotet.v4 Checkin 2 (trojan.rules)
2828748 - ETPRO TROJAN Win32/DarkKomet Server Reply 1 (flowbit set) (trojan.rules)
2830703 - ETPRO CURRENT_EVENTS SocEng/Gholish JS Web Inject Inbound (current_events.rules)
2834700 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Hiddad.br Checkin (mobile_malware.rules)
2834766 - ETPRO TROJAN MSIL/Liatpf RAT Checkin (trojan.rules)

[---]  Disabled and modified rules:  [---]

2018386 - ET TROJAN cryptodefense Checkin (trojan.rules)
2811447 - ETPRO TROJAN uWarrior RAT CnC Beacon Response (trojan.rules)
2823858 - ETPRO TROJAN W32.Shigo Ransomware Checkin (trojan.rules)

Date: Thursday, June 13, 2019 - 22:00