[***]            Summary:            [***]

6 new OPEN, 26 new PRO (6 + 20).  Blaze/Supreme Bot, CVE-2020-9484, Ursnif, Various Phish, Others.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2030251 - ET TROJAN Observed DNS Query to known Avaddon Ransomware
Payment Domain (trojan.rules)
2030252 - ET TROJAN Observed Malicious SSL Cert (Unk.Loader CnC)
(trojan.rules)
2030253 - ET TROJAN Win32/Avaddon Ransomware Style External IP
Address Check (trojan.rules)
2030254 - ET TROJAN Blaze/Supreme Bot Activity (trojan.rules)
2030255 - ET TROJAN Blaze/Supreme Bot Activity M2 (trojan.rules)
2030256 - ET EXPLOIT Attempted Directory Traversal via HTTP Cookie
(CVE-2020-9484) (exploit.rules)

Pro:

2842885 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-05 1) (trojan.rules)
2842886 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-05 2) (trojan.rules)
2842887 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish
2020-06-05 (current_events.rules)
2842888 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-06-05
(current_events.rules)
2842889 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-06-05 (current_events.rules)
2842890 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-06-05 (current_events.rules)
2842891 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-06-05 (current_events.rules)
2842892 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-06-05 (current_events.rules)
2842893 - ETPRO CURRENT_EVENTS Successful Caixa Phish 2020-06-05
(current_events.rules)
2842894 - ETPRO CURRENT_EVENTS Successful Verified by Visa Phish
2020-06-05 (current_events.rules)
2842899 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi  CnC)
(trojan.rules)
2842900 - ETPRO WEB_SERVER Generic Webshell CnC Activity
(web_server.rules)
2842902 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-06-05
(current_events.rules)
2842903 - ETPRO CURRENT_EVENTS Successful Lloyd's Bank Phish
2020-06-05 (current_events.rules)
2842904 - ETPRO GAMES League of Angels Heaven's Fury Browser Plugin
Checkin  (games.rules)
2842905 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)

[///]     Modified active rules:     [///]

2022016 - ET TROJAN Vawtrak/NeverQuest Posting Data 2 (trojan.rules)
2022017 - ET CURRENT_EVENTS Successful Paypal Account Phish Oct 30
(current_events.rules)
2022018 - ET CURRENT_EVENTS Successful Paypal Account Phish
2015-10-30 2 (current_events.rules)
2022019 - ET CURRENT_EVENTS Successful Paypal Account Phish
2015-10-30 3 (current_events.rules)
2804709 - ETPRO TROJAN Backdoor.IRC.ZGQ Install (trojan.rules)
2814666 - ETPRO TROJAN Win32/Banload.WPZ Retrieving Payload
(trojan.rules)
2814681 - ETPRO TROJAN Suspicious Terse Download Request to
Rghost.net (trojan.rules)
2814682 - ETPRO TROJAN Suspicious Download Request to Rghost.net 1
(trojan.rules)
2814683 - ETPRO TROJAN Suspicious Download Request to Rghost.net 2
(trojan.rules)
2814686 - ETPRO MOBILE_MALWARE Android/DroidRooter.B Checkin
(mobile_malware.rules)

Date:
Summary title:
6 new OPEN, 26 new PRO (6 + 20). Blaze/Supreme Bot, CVE-2020-9484, Ursnif, Various Phish, Others.