Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/12/13

[***]            Summary:            [***]

5 new Open, 28 new Pro (5 + 23). Win32/Unk.BrowserStealer, Win32/DevilRecovery, Coinminers, Various Phish. TIIF.

Thanks to: @malwrhunterteam

Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029145 - ET TROJAN Win32/Unk.BrowserStealer CnC Keep-Alive (trojan.rules)
2029146 - ET TROJAN Win32/Unk.BrowserStealer CnC Checkin (trojan.rules)
2029147 - ET TROJAN Win32/Unk.BrowserStealer Data Exfil M1 (trojan.rules)
2029148 - ET TROJAN Win32/Unk.BrowserStealer Data Exfil M2 (trojan.rules)
2029149 - ET TROJAN Win32/Unk.BrowserStealer Data Exfil M3 (trojan.rules)

Pro:

2839894 - ETPRO TROJAN Win32/PWS.Vbinder Exfil via SMTP (trojan.rules)
2839895 - ETPRO TROJAN Win32/DevilRecovery PWS Exfil via SMTP (trojan.rules)
2839896 - ETPRO TROJAN Possible Temp.Trident APT DNS Lookup Observed (trojan.rules)
2839897 - ETPRO TROJAN Possible Temp.Trident APT DNS Lookup Observed (trojan.rules)
2839898 - ETPRO TROJAN Possible Temp.Trident APT DNS Lookup Observed (trojan.rules)
2839899 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-12 1) (trojan.rules)
2839900 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-12 2) (trojan.rules)
2839901 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-12-13 (current_events.rules)
2839902 - ETPRO CURRENT_EVENTS Successful Generic Charles Schwab Phish 2019-12-13 (current_events.rules)
2839903 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-12-13 (current_events.rules)
2839904 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-12-13 (current_events.rules)
2839905 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-12-13 (current_events.rules)
2839906 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-12-13 (current_events.rules)
2839907 - ETPRO CURRENT_EVENTS Successful Twitter Phish 2019-12-13 (current_events.rules)
2839908 - ETPRO CURRENT_EVENTS Successful NatWest Phish 2019-12-13 (current_events.rules)
2839909 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-12-13 (current_events.rules)
2839910 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-12-13 (current_events.rules)
2839911 - ETPRO CURRENT_EVENTS Successful Rackspace Phish 2019-12-13 (current_events.rules)
2839912 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-12-13 (current_events.rules)
2839913 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-12-13 (current_events.rules)
2839914 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-12-13 (current_events.rules)
2839915 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-12-13 (current_events.rules)
2839916 - ETPRO CURRENT_EVENTS Successful Credicard Phish 2019-12-13 (current_events.rules)

[///]     Modified active rules:     [///]

2838228 - ETPRO CURRENT_EVENTS Successful Suntrust Phish 2019-08-29 (current_events.rules)

Date:
Summary title:
5 new Open, 28 new Pro (5 + 23). Win32/Unk.BrowserStealer, Win32/DevilRecovery, Coinminers, Various Phish. TIIF.