[***]            Summary:            [***]

6 new Open, 29 new Pro (6 + 23). Ursnif Certs, MyDisksu CnC, Various Coinminers, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027757 - ET DNS Query for .to TLD (dns.rules)
2027758 - ET DNS Query for .cc TLD (dns.rules)
2027759 - ET DNS Query for .co TLD (dns.rules)
2027760 - ET POLICY SSL/TLS Certificate Observed (Commercial Proxy Provider geosurf .io) (policy.rules)
2027761 - ET POLICY SSL/TLS Certificate Observed (AnyDesk Remote Desktop Software) (policy.rules)
2027762 - ET USER_AGENTS AnyDesk Remote Desktop Software User-Agent (user_agents.rules)

Pro:

2837709 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-07-26 (current_events.rules)
2837710 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2019-07-26 (current_events.rules)
2837711 - ETPRO CURRENT_EVENTS Successful Suncoast Credit Union Phish 2019-07-26 (current_events.rules)
2837712 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-07-26 (current_events.rules)
2837713 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-26 (current_events.rules)
2837714 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837715 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837716 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837717 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-26 (current_events.rules)
2837718 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837719 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-26 (current_events.rules)
2837720 - ETPRO CURRENT_EVENTS Successful Banco de Chile Phish 2019-07-26 (current_events.rules)
2837721 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837722 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837723 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26 (current_events.rules)
2837724 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-26 1) (trojan.rules)
2837725 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-26 2) (trojan.rules)
2837727 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Worker CnC) (trojan.rules)
2837728 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC) (trojan.rules)
2837729 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC) (trojan.rules)
2837730 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC) (trojan.rules)
2837731 - ETPRO MALWARE Win32/Softcnapp.AQ CnC Activity (malware.rules)
2837732 - ETPRO MALWARE Win32/Adware.MyDiskSu CnC Acitivty (malware.rules)

[///]     Modified active rules:     [///]

2027339 - ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution CVE-2014-8361 - Outbound (exploit.rules)

Date: 
Thursday, July 25, 2019 - 22:00