[***] Summary: [***]
21 new Pro. KPOT, BeamHTTP, Remcos, Ursnif, Various Phish.
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Pro:
2837752 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837753 - ETPRO TROJAN KPOT Stealer Exfiltration M3 (trojan.rules)
2837754 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837755 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837764 - ETPRO TROJAN Win32/BeamHTTP Loader Activity (trojan.rules)
2837765 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 1) (trojan.rules)
2837766 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 2) (trojan.rules)
2837767 - ETPRO CURRENT_EVENTS Successful Generic Compromised Wordpress Phish 2019-07-30 (current_events.rules)
2837768 - ETPRO CURRENT_EVENTS Successful myGov Phish 2019-07-30 (current_events.rules)
2837769 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-07-30 (current_events.rules)
2837770 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837771 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-30 (current_events.rules)
2837772 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-30 (current_events.rules)
2837773 - ETPRO CURRENT_EVENTS Successful Facebook Video Phish 2019-07-30 (current_events.rules)
2837774 - ETPRO POLICY Inbound Batch Script Enumerating OS Version (policy.rules)
2837775 - ETPRO TROJAN Win32/Remcos RAT Checkin 115 (trojan.rules)
2837776 - ETPRO TROJAN Win32/Remcos RAT Checkin 114 (trojan.rules)
2837777 - ETPRO TROJAN Win32/Remcos RAT Checkin 113 (trojan.rules)
2837778 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837779 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837780 - ETPRO TROJAN Win32/HLLP.Shodi.I External IP Lookup (trojan.rules)
[///] Modified active rules: [///]
2027761 - ET POLICY SSL/TLS Certificate Observed (AnyDesk Remote Desktop Software) (policy.rules)