[***] Summary: [***]
5 new OPEN, 7 new PRO (5 + 2). Various Adware/PUP and Phishing.
We are beginning to stand up our public discourse at
https://community.emergingthreats.net/ and will be posting signature
guidance, writeups and tutorials there.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2038826 - ET ADWARE_PUP Observed DNS Query to PUP Domain (superdiag .xyz) (adware_pup.rules)
2038827 - ET ADWARE_PUP Win32/SuperDiag PUP CnC Activity (adware_pup.rules)
2038828 - ET PHISHING Generic Credential Phish Landing Page 2022-09-14 (phishing.rules)
2038829 - ET PHISHING Successful Generic Credential Phish 2022-09-14 (phishing.rules)
2038830 - ET MALWARE Powershell/PowHeartBeat CnC Checkin - HTTPS (malware.rules)
Pro:
2852377 - ETPRO ATTACK_RESPONSE MSIL/TrojanDownloader.Agent.NGX Payload Inbound (attack_response.rules)
[///] Modified active rules: [///]
2023753 - ET SCAN MS Terminal Server Traffic on Non-standard Port (scan.rules)
2803333 - ETPRO MALWARE Downloader.Win32.NSIS.hn Checkin (malware.rules)