[***]            Summary:            [***]

9 new OPEN, 35 new PRO (9 + 26). KarenLogger, Get2 Cert, VMware Spring Cloud Directory Traversal and Various Phishing.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2030334 - ET TROJAN Request for Malicious .dat File (trojan.rules)
2030335 - ET EXPLOIT Possible D-Link Command Injection Attempt Inbound
(CVE-2020-13782) (exploit.rules)
2030336 - ET EXPLOIT VMware Spring Cloud Directory Traversal
(CVE-2020-5405) (exploit.rules)
2030337 - ET EXPLOIT VMware Spring Cloud Directory Traversal
(CVE-2020-5410) (exploit.rules)
2030338 - ET EXPLOIT Centreon 20.04 Authenticated RCE (CVE-2020-12688)
(exploit.rules)
2030339 - ET DOS CallStranger - Attempted UPnP Reflected Amplified TCP with
Multiple Callbacks (CVE-2020-12695) (dos.rules)
2030340 - ET INFO GnuTLS Cryptographic Flaw Observed (CVE-2020-13777)
(info.rules)
2030341 - ET TROJAN Observed Koadic Header Structure (trojan.rules)
2030342 - ET MOBILE_MALWARE ActionSpy CnC (POST) (mobile_malware.rules)

Pro:

2843019 - ETPRO TROJAN Observed Malicious SSL Cert (Get2 CnC) (trojan.rules)
2843020 - ETPRO CURRENT_EVENTS Successful Credit Agricole (FR) Phish
2020-06-15 (current_events.rules)
2843021 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-06-15
(current_events.rules)
2843022 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-06-15
(current_events.rules)
2843023 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2020-06-15
(current_events.rules)
2843024 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2020-06-15 (current_events.rules)
2843025 - ETPRO CURRENT_EVENTS Successful Zimbra Phish 2020-06-15
(current_events.rules)
2843026 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-13 1) (trojan.rules)
2843027 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-13 2) (trojan.rules)
2843028 - ETPRO CURRENT_EVENTS Successful BNP Paribas Phish 2020-06-15
(current_events.rules)
2843029 - ETPRO TROJAN KarenLogger CnC Host Checkin (trojan.rules)
2843030 - ETPRO TROJAN KarenLogger CnC Sending Screenshot (trojan.rules)
2843031 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-06-15 (current_events.rules)
2843032 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2020-06-15
(current_events.rules)
2843036 - ETPRO TROJAN StressCity Hacking Tool CnC Activity (trojan.rules)
2843037 - ETPRO TROJAN Win32/Remcos RAT Checkin 460 (trojan.rules)
2843038 - ETPRO TROJAN Win32/Remcos RAT Checkin 461 (trojan.rules)
2843039 - ETPRO TROJAN Win32/Remcos RAT Checkin 462 (trojan.rules)
2843040 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2020-06-15
(current_events.rules)
2843041 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2020-06-15
(current_events.rules)
2843042 - ETPRO CURRENT_EVENTS Successful Facebook Phish (VN) 2020-06-14
(current_events.rules)
2843043 - ETPRO CURRENT_EVENTS Successful Amazon Phish (DE) 2020-06-14
(current_events.rules)
2843044 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2020-06-14
(current_events.rules)

[///]     Modified active rules:     [///]

2028990 - ET TROJAN ELF/Mirai Variant UA Outbound (Ouija_x.86)
(trojan.rules)
2029060 - ET TROJAN Win32/Emotet CnC Activity (POST) M6 (trojan.rules)
2839469 - ETPRO TROJAN Observed ELF/Mirai Variant UA Inbound (Ouija_x.86)
(trojan.rules)
2842713 - ETPRO CURRENT_EVENTS Successful Xfinity/Comcast Phish 2020-05-26
(current_events.rules)

Date:
Summary title:
9 new OPEN, 35 new PRO (9 + 26). KarenLogger, Get2 Cert, VMware Spring Cloud Directory Traversal and Various Phishing.