[***]            Summary:            [***]

9 new OPEN, 23 new PRO (9 + 14). STRRAT, HTTPCore, POSHC2 JA3, BADNEWS, VARIOUS PHISHING.

Thanks: @Nettitude_Labs.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net feedback

[+++]          Added rules:          [+++]

Open:

2030357 - ET TROJAN Win32/Ispen BADNEWS CnC Beacon (trojan.rules)
2030358 - ET TROJAN STRRAT CnC Checkin (trojan.rules)
2030359 - ET TROJAN STRRAT Initial HTTP Activity (trojan.rules)
2030360 - ET TROJAN STRRAT Requesting License Check (trojan.rules)
2030361 - ET TROJAN Win32/Ispen BADNEWS Fake User-Agent (trojan.rules)
2030362 - ET TROJAN Win32/Adware.Agent.NSU CnC Activity (trojan.rules)
2030363 - ET TROJAN HTTPCore CnC Task Request (trojan.rules)
2030364 - ET TROJAN HTTPCore CnC Task Response (trojan.rules)
2030365 - ET TROJAN HTTPCore CnC Tasking File (trojan.rules)
2030366 - ET JA3 HASH - Possible POSHC2 Client CnC (ja3.rules)
2030367 - ET JA3 HASH - Possible POSHC2 Server Response (ja3.rules)

Pro:

2843107 - ETPRO MALWARE FaekAV Activity (malware.rules)
2843108 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-19 1) (trojan.rules)
2843109 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-19 2) (trojan.rules)
2843110 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2020-06-19
(current_events.rules)
2843111 - ETPRO CURRENT_EVENTS Successful Verizon Phish 2020-06-19
(current_events.rules)
2843112 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-06-19 (current_events.rules)
2843113 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2020-06-19
(current_events.rules)
2843114 - ETPRO CURRENT_EVENTS Successful Naver Phish 2020-06-19
(current_events.rules)
2843115 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2020-06-19 (current_events.rules)
2843116 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-06-19
(current_events.rules)
2843117 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2020-06-19
(current_events.rules)
2843118 - ETPRO CURRENT_EVENTS Successful Microsoft OneDrive Phish
2020-06-19 (current_events.rules)
2843119 - ETPRO TROJAN MSIL/Spy.Small.EU Variant Exfil (trojan.rules)
2843120 - ETPRO TROJAN Win32.Staser.dspk (trojan.rules)

[///]     Modified active rules:     [///]

2019236 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Version
Number (web_server.rules)
2811988 - ETPRO TROJAN Generic Infostealer Password Exfil (trojan.rules)
2839790 - ETPRO INFO Windows BITS UA Retrieving EXE (info.rules)

[---]         Removed rules:         [---]

2820476 - ETPRO TROJAN Targeted Win32/Ispen CnC Beacon (trojan.rules)
2820477 - ETPRO TROJAN Targeted Win32/Ispen Fake User-Agent (trojan.rules)

Date:
Summary title:
9 new OPEN, 23 new PRO (9 + 14). STRRAT, HTTPCore, POSHC2 JA3, BADNEWS, VARIOUS PHISHING.