[***] Summary: [***]
2 new Open, 20 new Pro (2 + 18). Nemours, Cookie Monster, Various Certs, Various Phish.
Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2028648 - ET TROJAN Nemours/Proyecto RAT CnC Checkin (trojan.rules)
2028649 - ET WEB_CLIENT Observed DNS Query to Malicious Cookie Monster Roulette JS Cookie Stealer Exfil Domain (web_client.rules)
Pro:
2838752 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.dh Reporting Call Info (mobile_malware.rules)
2838753 - ETPRO TROJAN Win32/Koadic CnC Checkin (trojan.rules)
2838754 - ETPRO WEB_CLIENT Malicious Cookie Monster Roulette JS Cookie Stealer Exfil (web_client.rules)
2838755 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Maldoc DL 2019-10-04) (current_events.rules)
2838756 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (Evil Keitaro TDS Redirection) (current_events.rules)
2838757 - ETPRO TROJAN Observed Malicious SSL Cert (CobInt CnC) (trojan.rules)
2838758 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-03) (trojan.rules)
2838759 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-10-04 (current_events.rules)
2838760 - ETPRO CURRENT_EVENTS Successful Tangerine Bank Phish 2019-10-04 (current_events.rules)
2838761 - ETPRO CURRENT_EVENTS Successful Generic Banking Login Phish 2019-10-04 (current_events.rules)
2838762 - ETPRO CURRENT_EVENTS Successful Ziraat Bankasi Phish 2019-10-04 (current_events.rules)
2838763 - ETPRO CURRENT_EVENTS Successful ABSA Phish 2019-10-04 (current_events.rules)
2838764 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-10-04 (current_events.rules)
2838765 - ETPRO CURRENT_EVENTS Successful Fidelity Phish 2019-10-04 (current_events.rules)
2838766 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-10-04 (current_events.rules)
2838767 - ETPRO TROJAN Win32/Remcos RAT Checkin 191 (trojan.rules)
2838768 - ETPRO TROJAN Win32/Remcos RAT Checkin 192 (trojan.rules)
2838769 - ETPRO TROJAN Win32/Remcos RAT Checkin 193 (trojan.rules)
[---] Removed rules: [---]
2025018 - ET TROJAN Possible NanoCore C2 64B (trojan.rules)
2833740 - ETPRO TROJAN Nemours RAT CnC Checkin (trojan.rules)
2837947 - ETPRO TROJAN Koadic CnC Activity (trojan.rules)