Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/08/01

[***]            Summary:            [***]

16 new Open, 33 new Pro (16 + 17). ArtraDownloader, AmendMiner, Ursnif, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027771 - ET TROJAN Win32/ArtraDownloader Checkin (trojan.rules)
2027772 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027773 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027774 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027775 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027776 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027777 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027778 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027779 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027780 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027781 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027782 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027783 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027784 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027785 - ET CURRENT_EVENTS Possible Protonmail Phishing Domain in DNS Query (current_events.rules)
2027786 - ET POLICY External IP Lookup (www .net .cn) (policy.rules)

Pro:

2837802 - ETPRO MALWARE Win32/NetFilter.A PUP/PUA Activity (malware.rules)
2837803 - ETPRO TROJAN ELF/AmendMiner CnC Activity (trojan.rules)
2837804 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2837805 - ETPRO CURRENT_EVENTS Successful Global Sources Phish 2019-08-01 (current_events.rules)
2837806 - ETPRO CURRENT_EVENTS Successful Banca Sella Phish 2019-08-01 (current_events.rules)
2837807 - ETPRO CURRENT_EVENTS Successful Generic Email Settings Phish 2019-08-01 (current_events.rules)
2837808 - ETPRO CURRENT_EVENTS Successful Capital One Phish 2019-08-01 (current_events.rules)
2837809 - ETPRO CURRENT_EVENTS Successful Netease 163 Webmail Phish 2019-08-01 (current_events.rules)
2837810 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-08-01 (current_events.rules)
2837811 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-08-01 (current_events.rules)
2837812 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-08-01 (current_events.rules)
2837813 - ETPRO CURRENT_EVENTS Successful United Airlines Phish 2019-08-01 (current_events.rules)
2837814 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-08-01 (current_events.rules)
2837815 - ETPRO CURRENT_EVENTS Successful Google Phish 2019-08-01 (current_events.rules)
2837816 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-01 1) (trojan.rules)
2837817 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-01 2) (trojan.rules)
2837818 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-01 3) (trojan.rules)

Date:
Summary title:
16 new Open, 33 new Pro (16 + 17). ArtraDownloader, AmendMiner, Ursnif, Various Phish.