Daily Ruleset Update Summary
Daily Ruleset Update Summary 2019/12/17

[***]            Summary:            [***]

5 new Open, 22 new Pro (5 + 17). Win32/BlackNET, ShivaGood Ransomware, Win32/Aspire, and Various Phish

Thanks @malwrhunterteam

Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029177 - ET TROJAN ShivaGood Ransomware CnC Checkin (trojan.rules)
2029178 - ET TROJAN Win32/BlackNET CnC Checkin (trojan.rules)
2029179 - ET TROJAN Win32/BlackNET CnC Keep-Alive (trojan.rules)
2029180 - ET TROJAN Win32/BlackNET CnC Requesting Command (trojan.rules)
2029181 - ET EXPLOIT TP-LINK Archer C5 v4 (CVE-2019-7405) (exploit.rules)

Pro:

2839954 - ETPRO TROJAN Win32/Aspire Stealer CnC Checkin (trojan.rules)
2839955 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-16 1) (trojan.rules)
2839956 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-16 2) (trojan.rules)
2839957 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-16 3) (trojan.rules)
2839958 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-12-16 4) (trojan.rules)
2839959 - ETPRO CURRENT_EVENTS Successful Swedbank Phish 2019-12-17 (current_events.rules)
2839960 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-12-17 (current_events.rules)
2839961 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-12-17 (current_events.rules)
2839962 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-12-17 (current_events.rules)
2839963 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-12-17 (current_events.rules)
2839964 - ETPRO CURRENT_EVENTS Successful Mobile DE Phish 2019-12-17 (current_events.rules)
2839965 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-12-17 (current_events.rules)
2839966 - ETPRO CURRENT_EVENTS Successful Visa Phish 2019-12-17 (current_events.rules)
2839967 - ETPRO CURRENT_EVENTS Successful Visa Phish 2019-12-17 (current_events.rules)
2839968 - ETPRO CURRENT_EVENTS Successful Dash Cryptocurrency Bank Information Phish 2019-12-17 (current_events.rules)
2839969 - ETPRO CURRENT_EVENTS Successful Microsoft Office 365 Phish 2019-12-17 (current_events.rules)
2839970 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)

[///]     Modified active rules:     [///]

2028967 - ET TROJAN Possible Gamaredon HEAD Request for .dot file on ddns.net (trojan.rules)
2839889 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-12-12 (current_events.rules)

Date:
Summary title:
5 new Open, 22 new Pro (5 + 17). Win32/BlackNET, ShivaGood Ransomware, Win32/Aspire, and Various Phish