[***]            Summary:            [***]

21 new Pro. KPOT, BeamHTTP, Remcos, Ursnif, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Pro:

2837752 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837753 - ETPRO TROJAN KPOT Stealer Exfiltration M3 (trojan.rules)
2837754 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837755 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837764 - ETPRO TROJAN Win32/BeamHTTP Loader Activity (trojan.rules)
2837765 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 1) (trojan.rules)
2837766 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 2) (trojan.rules)
2837767 - ETPRO CURRENT_EVENTS Successful Generic Compromised Wordpress Phish 2019-07-30 (current_events.rules)
2837768 - ETPRO CURRENT_EVENTS Successful myGov Phish 2019-07-30 (current_events.rules)
2837769 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-07-30 (current_events.rules)
2837770 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
2837771 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-30 (current_events.rules)
2837772 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-30 (current_events.rules)
2837773 - ETPRO CURRENT_EVENTS Successful Facebook Video Phish 2019-07-30 (current_events.rules)
2837774 - ETPRO POLICY Inbound Batch Script Enumerating OS Version (policy.rules)
2837775 - ETPRO TROJAN Win32/Remcos RAT Checkin 115 (trojan.rules)
2837776 - ETPRO TROJAN Win32/Remcos RAT Checkin 114 (trojan.rules)
2837777 - ETPRO TROJAN Win32/Remcos RAT Checkin 113 (trojan.rules)
2837778 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837779 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837780 - ETPRO TROJAN Win32/HLLP.Shodi.I External IP Lookup (trojan.rules)

[///]     Modified active rules:     [///]

2027761 - ET POLICY SSL/TLS Certificate Observed (AnyDesk Remote Desktop Software) (policy.rules)

Date: 
Monday, July 29, 2019 - 22:00