[***] Summary: [***]
5 new OPEN, 11 new PRO (5 + 6). X-Files Stealer, Cobalt Strike,
Win32/JLINEWOPS and PHISHING.
Thanks @h2jazi, @3xp0rtblog, @James_inthe_box, @Jane_0stin and
@malwrhunterteam.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2034847 - ET TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2034848 - ET TROJAN Win32/X-Files Stealer Activity (trojan.rules)
2034849 - ET TROJAN Cobalt Strike Activity (GET) (trojan.rules)
2034850 - ET EXPLOIT Possible Joomla RCE (CVE-2011-5148) (exploit.rules)
2034851 - ET WEB_SPECIFIC_APPS Joolma Simple File Upload Plugin Remote Code Execution (CVE-2011-5148) (web_specific_apps.rules)
Pro:
2850754 - ETPRO MALWARE Win32/Adware.Agent.NSF Checkin (malware.rules)
2850755 - ETPRO TROJAN Win32/JLINEWOPS CnC Activity (trojan.rules)
2850756 - ETPRO CURRENT_EVENTS Successful Huntington Bank Phish 2021-12-30 (current_events.rules)
2850757 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-12-30 (current_events.rules)
2850758 - ETPRO CURRENT_EVENTS Successful Generic Phish 2021-12-30 (current_events.rules)
2850759 - ETPRO CURRENT_EVENTS Union Bank of the Philippines OTP Landing Page 2021-12-29 (current_events.rules)
[---] Removed rules: [---]
2848048 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)