Daily Ruleset Update Summary 2022/10/31

[***] Summary: [***]

8 new OPEN, 23 new PRO (8 + 15) Manjusaka, JS/AlterSave Skimmer,
Win32.Agent.OSCF, CoinMiner
Thanks @sansecio @corelight_inc

Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++] Added rules: [+++]

Open:

2039601 - ET MALWARE Manjusaka C2 Client Heartbeat (malware.rules)
2039602 - ET MALWARE Manjusaka C2 Heartbeat Response (malware.rules)
2039603 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M1
(malware.rules)
2039604 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M2
(malware.rules)
2039605 - ET INFO GET Request Exfiltrating Username and Hostname
(info.rules)
2039606 - ET MALWARE Malicious Doc CnC Domain (e-demarches .kodeo .ch) in
DNS Lookup (malware.rules)
2039607 - ET MALWARE Win32.Agent.OSCF CnC Checkin (malware.rules)
2039608 - ET PHISHING Successful RBFCU Credential Phish 2022-10-31
(phishing.rules)

Pro:

2852726 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline
(2022-10-29 1) (coinminer.rules)

Date:

Monday, October 31, 2022

Summary title:

8 new OPEN, 23 new PRO (8 + 15) Manjusaka, JS/AlterSave Skimmer, Win32.Agent.OSCF, CoinMiner Thanks @sansecio @corelight_inc