[***]            Summary:            [***]

2 new Open, 32 new Pro (2 + 30).  Remcos, Win32/Valak, PowerShell, Various Phish.

We have a blog up now outlining the new Suricata 5.0 ruleset information, as well as information regarding our upcoming plans to EOL rule support for the Suricata 2.0/3.0 rulesets.

Suricata 5.0 Support blog:
https://www.proofpoint.com/us/corporate-blog/post/emerging-threats-announcing-support-suricata-50
Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2028893 - ET TROJAN Observed Malicious SSL Cert (DonotGroup CnC) (trojan.rules)
2028894 - ET TROJAN Observed Malicious SSL Cert (AZORult CnC Server) 2019-10-08 (trojan.rules)

Pro:

2838971 - ETPRO TROJAN Win32/Presenoker UA Observed (trojan.rules)
2839051 - ETPRO TROJAN Win32/Unk.Loader Retrieving Payload (trojan.rules)
2839052 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 1) (trojan.rules)
2839053 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 2) (trojan.rules)
2839054 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 3) (trojan.rules)
2839055 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 4) (trojan.rules)
2839056 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 5) (trojan.rules)
2839057 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-10-21 6) (trojan.rules)
2839058 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-10-22 (current_events.rules)
2839059 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-10-22 (current_events.rules)
2839060 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-10-22 (current_events.rules)
2839061 - ETPRO CURRENT_EVENTS Successful Telekom/Tmobile Phish 2019-10-22 (current_events.rules)
2839062 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-10-22 (current_events.rules)
2839063 - ETPRO CURRENT_EVENTS Successful Generic Mailbox Validation Phish 2019-10-22 (current_events.rules)
2839064 - ETPRO CURRENT_EVENTS Successful RBC Royal Bank Phish 2019-10-22 (current_events.rules)
2839065 - ETPRO CURRENT_EVENTS Successful Google Account Phish 2019-10-22 (current_events.rules)
2839066 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-10-22 (current_events.rules)
2839067 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-10-22 (current_events.rules)
2839068 - ETPRO TROJAN PowerShell XOR Encoded In Memory Shellcode Loader Inbound (trojan.rules)
2839069 - ETPRO TROJAN PowerShell Base64 Encoded Concat Inbound (trojan.rules)
2839070 - ETPRO TROJAN Win32/Valak CnC Activity M1 (trojan.rules)
2839071 - ETPRO TROJAN Win32/Valak CnC Activity M2 (trojan.rules)
2839072 - ETPRO MALWARE Win32/Bancteian.A Variant CnC Activity (malware.rules)
2839073 - ETPRO TROJAN Win32/Remcos RAT Checkin 218 (trojan.rules)
2839074 - ETPRO TROJAN Win32/Remcos RAT Checkin 219 (trojan.rules)
2839075 - ETPRO TROJAN Win32/Remcos RAT Checkin 220 (trojan.rules)
2839076 - ETPRO TROJAN Win32/Remcos RAT Checkin 221 (trojan.rules)
2839077 - ETPRO TROJAN Win32/Remcos RAT Checkin 222 (trojan.rules)
2839078 - ETPRO TROJAN Win32/Remcos RAT Checkin 223 (trojan.rules)
2839079 - ETPRO TROJAN Win32/Remcos RAT Checkin 224 (trojan.rules)

Date: 
Monday, October 21, 2019 - 22:00