Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/08/14

[***]            Summary:            [***]

3 new Open, 20 new Pro (3 + 17). Win32/SafeNewTab, Android/Spy.Rasteal.A, FortiOS SSL VPN, Various Phishing.

[+++]          Added rules:          [+++]

Open:

2027883 - ET EXPLOIT FortiOS SSL VPN - Information Disclosure (CVE-2018-13379) (exploit.rules)
2027884 - ET EXPLOIT FortiOS SSL VPN - Pre-Auth Messages Payload Buffer Overflow (CVE-2018-13381) (exploit.rules)
2027885 - ET EXPLOIT FortiOS SSL VPN - Improper Authorization Vulnerability (CVE-2018-13382) (exploit.rules)

Pro:

2838017 - ETPRO MOBILE_MALWARE Android/Spy.Rasteal.A Contact Exfil via SMTP (mobile_malware.rules)
2838018 - ETPRO TROJAN MalDoc Dropper CnC Beacon M1 (trojan.rules)
2838019 - ETPRO TROJAN MalDoc Dropper CnC Beacon M2 (trojan.rules)
2838020 - ETPRO TROJAN Zeropadypt/Limbo/Ouroboros Ransomware CnC Checkin (trojan.rules)
2838021 - ETPRO POLICY External IP Address Lookup via libsfml-network (policy.rules)
2838022 - ETPRO TROJAN Win32/SafeNewTab Sending Screenshot (trojan.rules)
2838023 - ETPRO TROJAN Win32/SafeNewTab Acticity (trojan.rules)
2838024 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-08-14) (current_events.rules)
2838025 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-08-14 2) (current_events.rules)
2838026 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2838027 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-14 1) (trojan.rules)
2838028 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-14 2) (trojan.rules)
2838029 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-14 3) (trojan.rules)
2838030 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-14 (current_events.rules)
2838031 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-08-14 (current_events.rules)
2838032 - ETPRO CURRENT_EVENTS Successful ABSA Phish 2019-08-14 (current_events.rules)
2838033 - ETPRO CURRENT_EVENTS Successful eFax Phish 2019-08-14 (current_events.rules)

[///]     Modified active rules:     [///]

2837947 - ETPRO TROJAN Koadic CnC Activity (trojan.rules)
2838004 - ETPRO TROJAN Observed Malicious SSL Cert (Koadic CnC) (trojan.rules)
2838012 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-08-13 (current_events.rules)

Date:
Summary title:
3 new Open, 20 new Pro (3 + 17). Win32/SafeNewTab, Android/Spy.Rasteal.A, FortiOS SSL VPN, Various Phishing.