[***] Summary: [***]
4 new Open, 19 new Pro (4 + 15). MyKings Bootloader, Smokeloader, Various Phishing, Coinminers.
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2027899 - ET CURRENT_EVENTS Possible Phishing Landing Obfuscation Mar 17 (current_events.rules)
2027900 - ET TROJAN MyKings Bootloader Variant Requesting Payload M1 (trojan.rules)
2027901 - ET TROJAN MyKings Bootloader Variant Requesting Payload M2 (trojan.rules)
2027902 - ET TROJAN MyKings Bootloader Variant Requesting Payload M3 (trojan.rules)
Pro:
2838106 - ETPRO TROJAN Sharik/Smokeloader CnC Beacon 16 (trojan.rules)
2838107 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2019-08-20) (current_events.rules)
2838108 - ETPRO TROJAN Observed Malicious SSL Cert (PsiXBot CnC) (trojan.rules)
2838109 - ETPRO POLICY Google DNS Over HTTPS Certificate Inbound (policy.rules)
2838110 - ETPRO POLICY Observed Google DNS over HTTPS Domain (dns .google .com in TLS SNI) (policy.rules)
2838111 - ETPRO CURRENT_EVENTS Successful Microsoft Office 365 Phish 2019-08-21 (current_events.rules)
2838112 - ETPRO CURRENT_EVENTS Successful Banco Estado Phish 2019-08-21 (current_events.rules)
2838113 - ETPRO CURRENT_EVENTS Successful myGov Phish 2019-08-21 (current_events.rules)
2838114 - ETPRO CURRENT_EVENTS Successful Mobile.de Phish 2019-08-21 (current_events.rules)
2838115 - ETPRO CURRENT_EVENTS Successful HiNet Phish 2019-08-21 (current_events.rules)
2838116 - ETPRO CURRENT_EVENTS Successful Impots Gouv FR Phish 2019-08-21 (current_events.rules)
2838117 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2019-08-21 (current_events.rules)
2838118 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2019-08-21 (current_events.rules)
2838119 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-21 1) (trojan.rules)
2838120 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-08-21 2) (trojan.rules)
[///] Modified active rules: [///]
2821655 - ETPRO TROJAN JSP WebShell Backdoor.Hadmad Command 1 (GET) (trojan.rules)
2821669 - ETPRO TROJAN JSP WebShell Backdoor.Hadmad Command 1 (POST) (trojan.rules)
2837704 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-07-25 (current_events.rules)