[***]            Summary:            [***]

5 new Open, 30 new Pro (5 + 25).  Inter Skimmer, Smokeloader, Coinminers, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027689 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
2027690 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
2027691 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
2027692 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
2027693 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)

Pro:

2837304 - ETPRO MOBILE_MALWARE Android/Spy.Agent.JW Checkin (mobile_malware.rules)
2837305 - ETPRO TROJAN DNS Query to Smokeloader Style Dynamic CnC Domains M1 (trojan.rules)
2837306 - ETPRO TROJAN DNS Query to Smokeloader Style Dynamic CnC Domains M2 (trojan.rules)
2837307 - ETPRO TROJAN Observed SmokeLoader Style Connectivity Check M2 (trojan.rules)
2837308 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-07-08 (current_events.rules)
2837309 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-08 (current_events.rules)
2837310 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-08 (current_events.rules)
2837311 - ETPRO CURRENT_EVENTS Successful Poste Italiane Phish 2019-07-08 (current_events.rules)
2837312 - ETPRO CURRENT_EVENTS Successful BNP Paribas Phish 2019-07-08 (current_events.rules)
2837313 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-08 (current_events.rules)
2837314 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-07-08 (current_events.rules)
2837315 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-07-08 (current_events.rules)
2837316 - ETPRO CURRENT_EVENTS Successful Paypal  Phish 2019-07-08 (current_events.rules)
2837317 - ETPRO CURRENT_EVENTS Successful Credit du Nord  Phish 2019-07-08 (current_events.rules)
2837318 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-07-08 (current_events.rules)
2837319 - ETPRO CURRENT_EVENTS Successful RBS Phish 2019-07-08 (current_events.rules)
2837320 - ETPRO CURRENT_EVENTS Successful Adobe Document Cloud Phish 2019-07-08 (current_events.rules)
2837321 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-07-08 (current_events.rules)
2837322 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 1) (trojan.rules)
2837323 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 2) (trojan.rules)
2837324 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 3) (trojan.rules)
2837325 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 4) (trojan.rules)
2837326 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 5) (trojan.rules)
2837327 - ETPRO TROJAN Win32/Spy.Agent.PRX Variant ZIP Upload (trojan.rules)
2837328 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-08 (current_events.rules)

[///]     Modified active rules:     [///]

2832759 - ETPRO CURRENT_EVENTS MalDoc Requesting Ursnif Payload 2018-09-24 (current_events.rules)

Date: 
Sunday, July 7, 2019 - 22:00