Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/11/13

[***]            Summary:            [***]

4 new Open, 24 new Pro (4 + 20). AnteFrigus, Gamaredon, Remcos, CoinMiners, Various Phishing.

Suricata 5.0 Support blog:
https://www.proofpoint.com/us/corporate-blog/post/emerging-threats-announcing-support-suricata-50
Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2028966 - ET TROJAN Win32/AnteFrigus Ransomware Activity (trojan.rules)
2028967 - ET TROJAN Possible Gamaredon HEAD Request for .dot file on ddns.net (trojan.rules)
2028968 - ET TROJAN Observed Malicious SSL Cert (Possible APT33 CnC) (trojan.rules)
2028969 - ET TROJAN Gamaredon CnC Domain Observed in DNS Query (trojan.rules)

Pro:

2839402 - ETPRO TROJAN Observed DNS Query to Get2 Domain (trojan.rules)
2839403 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-11-13 (current_events.rules)
2839404 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-11-12 1) (trojan.rules)
2839405 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-11-12 2) (trojan.rules)
2839406 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-11-13 (current_events.rules)
2839407 - ETPRO CURRENT_EVENTS Successful VDK Bank Phish 2019-11-13 (current_events.rules)
2839408 - ETPRO CURRENT_EVENTS Successful Generic Administrator Login Phish 2019-11-13 (current_events.rules)
2839409 - ETPRO CURRENT_EVENTS Successful Trademe NZ Phish 2019-11-13 (current_events.rules)
2839410 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-11-13 (current_events.rules)
2839411 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-11-13 (current_events.rules)
2839412 - ETPRO CURRENT_EVENTS Successful Apple ID Phish 2019-11-13 (current_events.rules)
2839413 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2019-11-13 (current_events.rules)
2839414 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-11-13 (current_events.rules)
2839415 - ETPRO CURRENT_EVENTS Successful Hawaii National Bank Phish 2019-11-13 (current_events.rules)
2839416 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-11-13 (current_events.rules)
2839417 - ETPRO CURRENT_EVENTS Successful Spark Phish 2019-11-13 (current_events.rules)
2839418 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-11-13 (current_events.rules)
2839419 - ETPRO TROJAN Win32/Remcos RAT Checkin 245 (trojan.rules)
2839420 - ETPRO TROJAN Win32/Remcos RAT Checkin 246 (trojan.rules)

[///]     Modified active rules:     [///]

2003555 - ET TROJAN Bandook v1.35 Initial Connection and Report (trojan.rules)

Date:
Summary title:
4 new Open, 24 new Pro (4 + 20). AnteFrigus, Gamaredon, Remcos, CoinMiners, Various Phishing.