[***] Summary: [***]
4 new OPEN, 15 new PRO (4 + 11). IndigoZebra, Nivesro, Stealer5,
Various Phish.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2033219 - ET TROJAN IndigoZebra APT xCaon/Textpadx Activity (POST)
(trojan.rules)
2033220 - ET TROJAN IndigoZebra APT BoxCaon DropBox Activity (POST)
(trojan.rules)
2033221 - ET MALWARE Nivesro Loader CnC Acticity M1 (malware.rules)
2033222 - ET MALWARE Nivesro Loader CnC Acticity M2 (malware.rules)
Pro:
2849162 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-07-02 1) (trojan.rules)
2849163 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-07-02 2) (trojan.rules)
2849164 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-07-02 3) (trojan.rules)
2849165 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2849166 - ETPRO CURRENT_EVENTS Successful Navy Federal Credit Union
2021-07-02 (current_events.rules)
2849167 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.SO Checkin
(mobile_malware.rules)
2849168 - ETPRO TROJAN Stealer5 CnC Checkin (trojan.rules)
2849169 - ETPRO INFO Suspicious Base64 Content in POST Body
(Microsoft) (info.rules)
2849170 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-07-02
(current_events.rules)
2849171 - ETPRO CURRENT_EVENTS Successful Citizens Bank Phish
2021-06-02 (current_events.rules)
2849172 - ETPRO TROJAN CN.APT Tonto Bisonal CnC Activity (trojan.rules)
[///] Modified active rules: [///]
2023696 - ET CURRENT_EVENTS Successful Bradesco Bank Phish M1 Jan 05
2017 (current_events.rules)
2023697 - ET CURRENT_EVENTS Successful Bradesco Bank Phish M2 Jan 05
2017 (current_events.rules)
2023698 - ET CURRENT_EVENTS Successful National Bank Phish Jan 05
2017 (current_events.rules)
2023770 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish Jan 30
2017 (current_events.rules)
2024047 - ET CURRENT_EVENTS Successful National Bank Phish Mar 13
2017 (current_events.rules)
2024101 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish Mar 27
2017 (current_events.rules)
2024326 - ET CURRENT_EVENTS Successful Scotiabank Phish M1 May 24
2017 (current_events.rules)
2024586 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M1 Aug
17 2017 (current_events.rules)
2024587 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M2 Aug
17 2017 (current_events.rules)