[***] Summary: [***]
2 new OPEN, 14 new PRO (2 + 12). BazaLoader, RiftRebirth Stealer, Bandook
v0.5FM, Ursnif, Coinminers, Various Phish.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2033033 - ET TROJAN BazaLoader CnC Activity (trojan.rules)
2033034 - ET TROJAN Observed Malicious SSL Cert (BazaLoader CnC) (trojan.rules)
Pro:
2848723 - ETPRO TROJAN RiftRebirth Stealer CnC Activity (trojan.rules)
2848724 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-05-26 1) (trojan.rules)
2848725 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-05-26 2) (trojan.rules)
2848726 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-05-26 3) (trojan.rules)
2848727 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-05-26 4) (trojan.rules)
2848728 - ETPRO TROJAN Bandook v0.5FM TCP CnC Beacon M2 (trojan.rules)
2848729 - ETPRO TROJAN Win32/Remcos RAT Checkin 722 (trojan.rules)
2848730 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2848731 - ETPRO CURRENT_EVENTS Successful UniCredit Mobile Phish 2021-05-26 (current_events.rules)
2848732 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-05-26 (current_events.rules)
2848733 - ETPRO CURRENT_EVENTS Successful Generic Credential Phish 2021-05-26 (current_events.rules)
2848734 - ETPRO CURRENT_EVENTS Successful Generic Credential Theft 2021-05-26 (current_events.rules)
[///] Modified active rules: [///]
2805272 - ETPRO TROJAN Bandook Variant CnC Checkin (trojan.rules)
2848000 - ETPRO TROJAN Win32/Prun Downloader CnC Activity (trojan.rules)
[---] Disabled rules: [---]
2812833 - ETPRO CURRENT_EVENTS Successful Google Drive Phish 2020-09-01 (current_events.rules)