[***] Summary: [***]

8 new OPEN, 12 new PRO (8 + 4)

Note: There will be no release Monday 12/26 for holiday observance.

The Emerging Threats mailing list is migrating to Discourse. Please
visit us at https://community.emergingthreats.net

We will announce the mailing list retirement date in the near future.

[+++] Added rules: [+++]

Open:

2042994 - ET MALWARE Gamaredon APT Related Activity (GET) (malware.rules)
2042995 - ET MALWARE Gamaredon APT Related Activity (POST) (malware.rules)
2042996 - ET PHISHING Socios Credential Phish Landing Page 2022-12-22
(phishing.rules)
2042997 - ET INFO Cloud IPFS Service Domain in DNS Lookup (fleek .co)
(info.rules)
2042998 - ET MALWARE SocGholish Domain in DNS Lookup (office
.cdsigner .com) (malware.rules)
2042999 - ET MALWARE SocGholish Domain in DNS Lookup (group5
.corralphacap .com) (malware.rules)
2043000 - ET MALWARE SocGholish Domain in DNS Lookup (navyseal
.digijump .online) (malware.rules)
2043001 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .shrubs
.emptyisland .pics) (malware.rules)

Pro:

2852976 - ETPRO MALWARE Win32/BeamWinHTTP CnC Activity M1 (POST)
(malware.rules)
2852977 - ETPRO MALWARE Win32/BeamWinHTTP CnC Activity M2 (GET) (malware.rules)
2852978 - ETPRO MALWARE Win32/BeamWinHTTP CnC Activity M3 (POST)
(malware.rules)
2852979 - ETPRO MALWARE Win32/Fabookie.ek CnC Response (malware.rules)

[///] Modified active rules: [///]

2835370 - ETPRO PHISHING Successful Smartsheet Phish 2019-03-14
(phishing.rules)
2844875 - ETPRO PHISHING Successful Sharepoint Phish 2020-10-09
(phishing.rules)

[---] Disabled and modified rules: [---]

2039830 - ET MALWARE SocGholish Domain in DNS Lookup (dashboard
.skybacherslocker .com) (malware.rules)

---------------------------------------------------------