[***]            Summary:            [***]

3 new Open, 15 new Pro (3 + 12).  Clipsa, More_eggs, Trojan-Banker.AndroidOS.Cerberus,  MalDoc SSL Certs

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2027893 - ET TROJAN Clipsa Stealer - CnC Checkin (trojan.rules)
2027894 - ET TROJAN Clipsa Stealer - Coinminer Download (trojan.rules)
2027895 - ET TROJAN Clipsa Stealer - Exfiltration Activity (trojan.rules)

Pro:

2838050 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Cerberus Checkin (mobile_malware.rules)
2838051 - ETPRO TROJAN MalDoc Retrieving Ursnif Payload (trojan.rules)
2838052 - ETPRO TROJAN Win32/Origin Logger SMTP Account Exfil (trojan.rules)
2838053 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-08-16) (current_events.rules)
2838054 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-08-16 2) (current_events.rules)
2838055 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)
2838056 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC) (trojan.rules)
2838057 - ETPRO TROJAN Unknown BR W32/Downloader CnC Host Checkin (trojan.rules)
2838059 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-15 1) (trojan.rules)
2838060 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-15 2) (trojan.rules)
2838061 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-16 1) (trojan.rules)
2838062 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-08-16 (current_events.rules)

[///]     Modified active rules:     [///]

2027693 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
2025931 - ET TROJAN Aurora Ransomware CnC Checkin (trojan.rules)

[---]  Disabled and modified rules:  [---]

2027890 - ET SNMP Cisco Non-Trap PDU request on SNMPv1 trap port (snmp.rules)

Date: 
Thursday, August 15, 2019 - 22:00