Summary:
2 new OPEN, 10 new PRO (2 + 8)
SocGholish, Remcos RAT, Suspicious UA, Various Phish
Please share issues, feedback, and requests at Feedback
Added rules:
Open:
2039584 - ET INFO Observed DNS Query to Filesharing Service (mega .co .nz) (info.rules)
2039585 - ET MALWARE SocGholish Domain in DNS Lookup (shipwrecks .ggentile .com) (malware.rules)
Pro:
2852668 - ETPRO MALWARE Win32/Remcos RAT Checkin 847 (malware.rules)
2852669 - ETPRO INFO Geodirecting Service Domain in DNS Lookup (gtly .to) (info.rules)
2852671 - ETPRO PHISHING Successful Generic Phish 2022-10-27 (phishing.rules)
2852672 - ETPRO PHISHING Successful Generic Phish 2022-10-27 (phishing.rules)
2852673 - ETPRO PHISHING Successful Generic Phish 2022-10-27 (phishing.rules)
2852674 - ETPRO USER_AGENTS Observed Suspicious UA (Mazilla) (user_agents.rules)
Modified active rules:
2037876 - ET PHISHING America First CU Successful Phish 2022-10-27 (phishing.rules)
2037877 - ET PHISHING America First CU Account Recovery 2022-10-27 (phishing.rules)