[***]    Summary:    [***]

11 new OPEN, 27 new PRO (11 + 16).

Thanks: @james_inthe_box.

Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

[+++]  Added rules:  [+++]

Open:

2030614 - ET TROJAN Observed Malicious SSL Cert (Lazarus APT MalDoc
DL 2020-07-30) (trojan.rules)
2030615 - ET TROJAN Observed Lazarus APT MalDoc DL Domain in TLS
SNI (trojan.rules)
2030616 - ET POLICY XenArmor Password Recovery License Check
(policy.rules)
2030617 - ET CURRENT_EVENTS Instagram Fake Copyright Infringement
Hosted on 000webhostapp (current_events.rules)
2030618 - ET CURRENT_EVENTS Possible Phishing Script Hosted on
000webhostapp (current_events.rules)
2030619 - ET CURRENT_EVENTS Observed Let's Encrypt Certificate
containing Instagram (current_events.rules)
2030620 - ET CURRENT_EVENTS Generic Webmail Phishing Landing
(current_events.rules)
2030621 - ET CURRENT_EVENTS Generic Financial Phone Support
Scam/Phishing Landing M1 (current_events.rules)
2030622 - ET CURRENT_EVENTS Generic Financial Phone Support
Scam/Phishing Landing M2 (current_events.rules)
2030623 - ET USER_AGENTS Suspicious User-Agent (firefox)
(user_agents.rules)
2030624 - ET USER_AGENTS Suspicious User-Agent (chrome)
(user_agents.rules)

Pro:

2843747 - ETPRO TROJAN Observed Taurus Stealer CnC Domain in TLS
SNI (trojan.rules)
2843748 - ETPRO TROJAN Win32/DarkRat Variant CnC Activity
(trojan.rules)
2843749 - ETPRO TROJAN Observed Malicious SSL Cert (MalDoc DL
2020-07-30) (trojan.rules)
2843750 - ETPRO TROJAN Win32/Taurus Stealer CnC Checkin
(trojan.rules)
2843751 - ETPRO TROJAN Win32/Valak Stealer v51 CnC Activity M1
(trojan.rules)
2843752 - ETPRO TROJAN Win32/Valak Stealer v51 CnC Activity M2
(trojan.rules)
2843753 - ETPRO TROJAN Win32/Valak Stealer Retrieving Payload
(trojan.rules)
2843754 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-07-30 1) (trojan.rules)
2843755 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2020-07-30 2) (trojan.rules)
2843756 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2020-07-30
(current_events.rules)
2843757 - ETPRO CURRENT_EVENTS Successful Moneygram Phish
2020-07-30 (current_events.rules)
2843758 - ETPRO CURRENT_EVENTS Possible Successful Firebase Hosted
Phish 2020-07-30 (current_events.rules)
2843759 - ETPRO CURRENT_EVENTS Successful Generic Inmotionhosting
Hosted Phish 2020-07-30 (current_events.rules)
2843760 - ETPRO TROJAN Win32/Kryptik.EQDJ Variant Checkin
(trojan.rules)
2843761 - ETPRO TROJAN Win32/Remcos RAT Checkin 506 (trojan.rules)
2843762 - ETPRO TROJAN Win32/Remcos RAT Checkin 507 (trojan.rules)

[///]     Modified active rules:     [///]

2806798 - ETPRO POLICY XenArmor Password Recovery License
Check/securityxploded retrieval UA (policy.rules)
2843746 - ETPRO TROJAN BlackClaw Ransomware CnC (trojan.rules)

Date:
Summary title:
11 new OPEN, 27 new PRO (11 + 16).