Daily Ruleset Update Summary
Daily Ruleset Update Summary 2020/07/09

[***]    Summary:    [***]

6 new OPEN, 24 new PRO (6 + 18).  FRAT, SpyGate, Mirai, Various Others.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]  Added rules:  [+++]

Open:

2030486 - ET TROJAN Observed Malicious SSL Cert (Zloader CnC)
(trojan.rules)
2030487 - ET EXPLOIT Attempted HiSilicon DVR/NVR/IPCam RCE
(Inbound) (exploit.rules)
2030488 - ET EXPLOIT Attempted HiSilicon DVR/NVR/IPCam RCE
(Outbound) (exploit.rules)
2030489 - ET TROJAN ELF/MooBot Mirai DDoS Variant Server Response
(trojan.rules)
2030490 - ET TROJAN ELF/MooBot Mirai DDoS Variant CnC Checkin M1
(Group String Len 1) (trojan.rules)
2030491 - ET TROJAN ELF/MooBot Mirai DDoS Variant CnC Checkin M2
(Group String Len 2+) (trojan.rules)

Pro:

2843426 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.PDAK-6 Checkin
(mobile_malware.rules)
2843427 - ETPRO TROJAN MSIL/Unk.SpyGate Retrieving Config
(trojan.rules)
2843428 - ETPRO TROJAN Observed Malicious SSL Cert (More_eggs CnC)
(trojan.rules)
2843430 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-07-09 1) (trojan.rules)
2843432 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-07-09 (current_events.rules)
2843433 - ETPRO CURRENT_EVENTS Successful Santander Phish
2020-07-09 (current_events.rules)
2843434 - ETPRO CURRENT_EVENTS Successful Reserve Bank of India
Phish 2020-07-09 (current_events.rules)
2843435 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish
2020-07-09 (current_events.rules)
2843437 - ETPRO CURRENT_EVENTS Successful Delta Community Credit
Union Phish 2020-07-09 (current_events.rules)
2843438 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish
2020-07-09 (current_events.rules)
2843439 - ETPRO CURRENT_EVENTS Successful Generic Credit Card
Information Phish 2020-07-09 (current_events.rules)
2843440 - ETPRO CURRENT_EVENTS Successful Generic Phish 2020-07-09
(current_events.rules)
2843441 - ETPRO TROJAN FRAT Downloader Activity (trojan.rules)
2843442 - ETPRO TROJAN FRAT Downloader Error Report POST
(trojan.rules)
2843443 - ETPRO TROJAN DownloaderWINHTTP Downloader Activity
(trojan.rules)

[///]     Modified active rules:     [///]

2026040 - ET TROJAN CobaltStrike DNS Beacon Response (trojan.rules)
2030378 - ET TROJAN Patchwork Staging Domain in DNS Query
(trojan.rules)
2841368 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M11 (current_events.rules)
2841463 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841464 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841465 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841466 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
(current_events.rules)
2841467 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841468 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841469 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841470 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841471 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841486 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-12
(current_events.rules)

[---] Removed rules: [---]

2841360 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M3 (current_events.rules)
2841361 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M4 (current_events.rules)
2841362 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M5 (current_events.rules)
2841363 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M6 (current_events.rules)
2841364 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M7 (current_events.rules)
2841365 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M8 (current_events.rules)
2841366 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M9 (current_events.rules)
2841367 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-04
M10 (current_events.rules)
2841472 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-11
(current_events.rules)
2841487 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2020-03-12
(current_events.rules)

Date:
Summary title:
6 new OPEN, 24 new PRO (6 + 18). FRAT, SpyGate, Mirai, Various Others.