Daily Ruleset Update Summary
Daily Ruleset Update Summary 2021/07/12

[***] Summary: [***]

5 new OPEN, 12 new PRO (5 + 7). SideWinder APT, WildPressure/Milum CnC,
SpoofedScholars, AsyncRAT, Win32/SMTP_Descktop, CoinMiners.

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2033313 - ET TROJAN Observed Malicious SSL Cert (SideWinder APT CnC)
(trojan.rules)
2033314 - ET USER_AGENTS Observed Malicious User-Agent (Brute Force
Attacks) (user_agents.rules)
2033315 - ET USER_AGENTS Observed Malicious User-Agent (Brute Force
Attacks) (user_agents.rules)
2033316 - ET TROJAN WildPressure/Milum CnC Activity (trojan.rules)
2033317 - ET TROJAN Operation SpoofedScholars Activity (GET)
(trojan.rules)

Pro:

2849252 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
2849253 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
2849254 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT)
(trojan.rules)
2849255 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-07-10 1) (trojan.rules)
2849256 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2021-07-10 2) (trojan.rules)
2849257 - ETPRO TROJAN User-Agent Checkin via iplogger (trojan.rules)
2849258 - ETPRO TROJAN Win32/SMTP_Descktop CnC Checkin (trojan.rules)

[///] Modified active rules: [///]

A _ton_ of PHISHING sigs, too many to list here.

Date:
Summary title:
5 new OPEN, 12 new PRO (5 + 7). SideWinder APT, WildPressure/Milum CnC, SpoofedScholars, AsyncRAT, Win32/SMTP_Descktop, CoinMiners.