[***]            Summary:            [***]

7 new Open, 38 new Pro (7 + 31).  Get2, Remcos, Various SSL/TLS, Various Phish.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2029290 - ET TROJAN Nemty Ransomware CnC Checkin (trojan.rules)
2029291 - ET TROJAN Observed Nemty Ransomware Payment Page (trojan.rules)
2029292 - ET TROJAN Nemty Ransomware Payment Page ID File Upload (trojan.rules)
2029293 - ET TROJAN MilkyBoy CnC Activity (trojan.rules)
2029294 - ET TROJAN MilkyBoy CnC Data Exfil (trojan.rules)
2029295 - ET TROJAN Observed Malicious SSL Cert (AZORult CnC) (trojan.rules)
2029296 - ET TROJAN Observed Malicious SSL Cert (AZORult CnC) (trojan.rules)

Pro:

2840478 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840479 - ETPRO TROJAN Observed Get2 CnC Domain in TLS SNI (trojan.rules)
2840480 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840481 - ETPRO TROJAN Observed Get2 CnC Domain in TLS SNI (trojan.rules)
2840482 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840483 - ETPRO TROJAN Observed Get2 CnC Domain in TLS SNI (trojan.rules)
2840484 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840485 - ETPRO TROJAN Observed Get2 CnC Domain in TLS SNI (trojan.rules)
2840486 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2840487 - ETPRO TROJAN Observed Get2 CnC Domain in TLS SNI (trojan.rules)
2840488 - ETPRO TROJAN Observed Malicious SSL Cert (PsiXBot CnC) (trojan.rules)
2840492 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2020-01-17 1) (trojan.rules)
2840493 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2020-01-17 (current_events.rules)
2840494 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-17 (current_events.rules)
2840495 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-17 (current_events.rules)
2840496 - ETPRO CURRENT_EVENTS Successful Credit Mutuel FR Phish 2020-01-17 (current_events.rules)
2840497 - ETPRO CURRENT_EVENTS Successful WhatsApp Phish 2020-01-17 (current_events.rules)
2840498 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-17 (current_events.rules)
2840499 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2020-01-17 (current_events.rules)
2840500 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2020-01-17 (current_events.rules)
2840501 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2020-01-17 (current_events.rules)
2840502 - ETPRO TROJAN Win32/Remcos RAT Checkin 309 (trojan.rules)
2840503 - ETPRO TROJAN Win32/Remcos RAT Checkin 310 (trojan.rules)
2840504 - ETPRO TROJAN Win32/Remcos RAT Checkin 311 (trojan.rules)
2840505 - ETPRO TROJAN Win32/Staser CnC Activity (trojan.rules)
2840506 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2840507 - ETPRO TROJAN Observed Malicious SSL Cert (IcedID CnC) (trojan.rules)
2840508 - ETPRO TROJAN Observed Malicious SSL Cert (IcedID CnC) (trojan.rules)

Date: 
Thursday, January 16, 2020 - 22:00