[***]            Summary:            [***]

3 new OPEN, 26 new PRO (3 + 23). Predator, Trojan/MSIL.DOTHETUK, Win32/Wacapew.C!ml, Mekotio, Various Phishing.

Many rules in the Suricata 5 ruleset have been updated with Suricata 5 rule syntax/keywords. A complete list of rules that were  changed can be found via the changelog here:
https://rules.emergingthreats.net/changelogs/suricata-5.0-enhanced.etpro.2020-06-30T05:12:09.txt

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

2030409 - ET TROJAN Observed Malicious SSL Cert (AsyncRAT CnC) (trojan.rules)
2030410 - ET MALWARE Predator Anti Ban CnC Activity (malware.rules)
2030411 - ET TROJAN Trojan/MSIL.DOTHETUK CnC Activity (trojan.rules)

Pro:

2838195 - ETPRO POLICY Terse Request for .ps1 - Likely Hostile (policy.rules)
2843261 - ETPRO TROJAN Win32/Wacapew.C!ml Stealer CnC Checkin (trojan.rules)
2843262 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT CnC) (trojan.rules)
2843263 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 1) (trojan.rules)
2843264 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 2) (trojan.rules)
2843265 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 3) (trojan.rules)
2843266 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 4) (trojan.rules)
2843267 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 5) (trojan.rules)
2843268 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 6) (trojan.rules)
2843269 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-06-30 7) (trojan.rules)
2843270 - ETPRO TROJAN Mekotio CnC Host Checkin (trojan.rules)
2843271 - ETPRO CURRENT_EVENTS Succcesful Chase Phish 2020-06-30
(current_events.rules)
2843272 - ETPRO CURRENT_EVENTS Successful Chase Phish 2020-06-30
(current_events.rules)
2843273 - ETPRO CURRENT_EVENTS Succcesful Generic Phish 2020-06-30
(current_events.rules)
2843274 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2020-06-30
(current_events.rules)
2843275 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish
2020-06-30 (current_events.rules)
2843276 - ETPRO TROJAN Observed SocGholish Domain in TLS SNI (trojan.rules)
2843277 - ETPRO TROJAN Win32/TrojanDropper.Delf.OEF CnC Checkin M2
(trojan.rules)
2843278 - ETPRO TROJAN Win32/Remcos RAT Checkin 471 (trojan.rules)
2843279 - ETPRO TROJAN Win32/Remcos RAT Checkin 472 (trojan.rules)
2843280 - ETPRO TROJAN Observed AZORult CnC Domain in TLS SNI (trojan.rules)
2843282 - ETPRO TROJAN Observed QNodeService RAT CnC Domain in TLS SNI
(trojan.rules)

[///]     Modified active rules:     [///]

2014407 - ET CURRENT_EVENTS DRIVEBY EgyPack Exploit Kit Cookie Set
(current_events.rules)
2014660 - ET TROJAN Win32/Ponmocup.A Checkin (trojan.rules)
2020721 - ET CURRENT_EVENTS RIG Exploit URI Struct March 20 2015
(current_events.rules)
2022342 - ET POLICY HotSpotShield Activity (policy.rules)
2022686 - ET CURRENT_EVENTS Likely Evil Macro EXE DL mar 28 2016
(current_events.rules)
2022698 - ET EXPLOIT Quanta LTE Router Information Disclosure Exploit
Attempt (exploit.rules)
2022700 - ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 1 (ping)
(exploit.rules)
2022701 - ET EXPLOIT Quanta LTE Router RDE Exploit Attempt 2
(traceroute) (exploit.rules)
2022729 - ET INFO PhishMe.com Phishing Exercise - Client Plugins (info.rules)
2022737 - ET TROJAN W32/Virus-Encoder Ransomware Checkin (trojan.rules)
2022738 - ET POLICY Windows Quicktime User-Agent EOL With Known Bugs
(policy.rules)
2022749 - ET TROJAN Win32/Agent.XST/UP007 Checkin 2 (trojan.rules)
2811852 - ETPRO TROJAN TDrop2 Downloader Retrieving Payload (trojan.rules)
2814959 - ETPRO TROJAN PhilBot/Toshliph POST CnC Beacon (trojan.rules)
2816000 - ETPRO TROJAN Win32/iSpySoft PWS Checkin via HTTP (trojan.rules)
2816216 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ib Checkin
(mobile_malware.rules)
2816395 - ETPRO TROJAN Nymaim Checkin 5 (trojan.rules)
2816748 - ETPRO TROJAN Pawder CnC Beacon HTTP GET (trojan.rules)
2816801 - ETPRO CURRENT_EVENTS Magnitude EK Payload Mar 29 2016
(current_events.rules)
2816804 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ha
Checkin (mobile_malware.rules)
2816817 - ETPRO TROJAN Possible Ozone RAT User Agent (trojan.rules)

[---]         Removed rules:         [---]

2838195 - ETPRO TROJAN Terse Request for .ps1 - Likely Hostile (trojan.rules)

Date:
Summary title:
3 new OPEN, 26 new PRO (3 + 23). Predator, Trojan/MSIL.DOTHETUK, Win32/Wacapew.C!ml, Mekotio, Various Phishing.