[***] Summary: [***]
3 new Open, 17 new Pro (3 + 14). Win32/PCAcceleratorPro, Win32/Remcos,
Various User-Agents, VARIOUS PHISHING.
Suricata 2/3 Support from Emerging Threats will become End-Of-Life on
April 15th, 2020.
Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html
[+++] Added rules: [+++]
Open:
2029748 - ET USER_AGENTS Observed Suspicious UA (xPCAP)
(user_agents.rules)
2029749 - ET USER_AGENTS Suspicious User Agent (explorersvc)
(user_agents.rules)
2029750 - ET USER_AGENTS Suspicious User Agent (KtulhuBrowser)
(user_agents.rules)
Pro:
2841734 - ETPRO INFO Observed Suspicious Reversed String Inbound
(schtasks /create) (info.rules)
2841735 - ETPRO MALWARE Win32/PCAcceleratorPro Activity (malware.rules)
2841736 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-03-26 1) (trojan.rules)
2841737 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-03-26 2) (trojan.rules)
2841738 - ETPRO CURRENT_EVENTS Successful HSBC Phish 2020-03-27
(current_events.rules)
2841739 - ETPRO CURRENT_EVENTS Successful Discover Phish 2020-03-27
(current_events.rules)
2841740 - ETPRO CURRENT_EVENTS Successful Discover Phish 2020-03-27
(current_events.rules)
2841741 - ETPRO CURRENT_EVENTS Successful DHL Phish 2020-03-27
(current_events.rules)
2841742 - ETPRO CURRENT_EVENTS Successful Generic Webmail Validation
Phish 2020-03-27 (current_events.rules)
2841743 - ETPRO TROJAN Trojan.Win32.Wecod.izpu CnC actiivty (trojan.rules)
2841744 - ETPRO TROJAN Win32/Trojan.Click1.27351 Checkin (trojan.rules)
2841745 - ETPRO TROJAN Win32/Remcos RAT Checkin 376 (trojan.rules)
2841746 - ETPRO TROJAN Win32/Remcos RAT Checkin 377 (trojan.rules)
2841747 - ETPRO TROJAN Win32/Remcos RAT Checkin 378 (trojan.rules)