[***]            Summary:            [***]

3 new Open, 44 new Pro (3 + 41).  ViceLeaker, Danabot Injects, Metamorfo, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027696 - ET EXPLOIT Possible Zoom Client Auto-Join (CVE-2019-13450) (exploit.rules)
2027697 - ET TROJAN Win32/Unk Retrieving Malicious VBScript (trojan.rules)
2027698 - ET TROJAN Win32/Unk.VBScript Requesting Instruction from CnC (trojan.rules)

Pro:

2837414 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon (mobile_malware.rules)
2837415 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon 2 (mobile_malware.rules)
2837416 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon 3 (mobile_malware.rules)
2837417 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon 4 (mobile_malware.rules)
2837418 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon 5 (mobile_malware.rules)
2837419 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.ViceLeaker.a CnC Beacon 6 (mobile_malware.rules)
2837420 - ETPRO TROJAN Win32/MuddyWater Implant CnC Activity (trojan.rules)
2837421 - ETPRO CURRENT_EVENTS Successful Banque Populaire Phish 2019-07-10 (current_events.rules)
2837422 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-10 (current_events.rules)
2837423 - ETPRO CURRENT_EVENTS Successful Suncorp Bank Phish 2019-07-10 (current_events.rules)
2837424 - ETPRO TROJAN SSL/TLS Certificate Observed (Donot Group YTY) (trojan.rules)
2837425 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-10 (current_events.rules)
2837426 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-10 (current_events.rules)
2837427 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2019-07-10 (current_events.rules)
2837428 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-10 1) (trojan.rules)
2837429 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-10 2) (trojan.rules)
2837430 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-10 3) (trojan.rules)
2837431 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-07-10 (current_events.rules)
2837432 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-10 (current_events.rules)
2837433 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-10 (current_events.rules)
2837434 - ETPRO CURRENT_EVENTS Successful BB&T Phish 2019-07-10 (current_events.rules)
2837435 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-07-10 (current_events.rules)
2837436 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-07-10 (current_events.rules)
2837437 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-10 (current_events.rules)
2837438 - ETPRO CURRENT_EVENTS Successful BB&T Phish 2019-07-10 (current_events.rules)
2837439 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-07-10 (current_events.rules)
2837440 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-10 (current_events.rules)
2837441 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-10 (current_events.rules)
2837442 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-10 (current_events.rules)
2837443 - ETPRO TROJAN Danabot Webinject Redirect (mBank) M1 (trojan.rules)
2837444 - ETPRO TROJAN Danabot Webinject Redirect (mBank) M2 (trojan.rules)
2837445 - ETPRO TROJAN Danabot Webinject Redirect (mBank) M3 (trojan.rules)
2837446 - ETPRO TROJAN Danabot Webinject Redirect (Centrum24) (trojan.rules)
2837447 - ETPRO TROJAN Danabot Webinject Redirect (PBSBank) (trojan.rules)
2837448 - ETPRO TROJAN Danabot Webinject Redirect (AliorBank) M1 (trojan.rules)
2837449 - ETPRO TROJAN Danabot Webinject Redirect (IdeaBank) (trojan.rules)
2837450 - ETPRO TROJAN Danabot Webinject Redirect (AliorBank) M2 (trojan.rules)
2837451 - ETPRO TROJAN Danabot Webinject Redirect (NestBank) (trojan.rules)
2837452 - ETPRO TROJAN Danabot Webinject Redirect (GetinBank) (trojan.rules)
2837453 - ETPRO TROJAN Win32/Metamorfo Salveinfo Variant HTTP Beacon (trojan.rules)
2837454 - ETPRO POLICY External IP Lookup Domain (localizaip .com .br) (policy.rules)

[///]     Modified active rules:     [///]

2835637 - ETPRO TROJAN Win32/Pterodo.NG Checkin 2 (trojan.rules)

Date: 
Tuesday, July 9, 2019 - 22:00