Daily Ruleset Update Summary 2022/11/01

Summary:

9 new OPEN, 27 new PRO (9 + 18): SocGholish, Win32/Agent.AETZ CnC Checkin, and various Adware and Phish.

Please share issues, feedback, and requests at Feedback

Thanks @Thingzeye

Added rules:

Open:

2039609 - ET PHISHING TMOBILE Credential Phish Landing Page 2022-11-01 (phishing.rules)
2039610 - ET PHISHING TMOBILE Successful Credential Phish 2022-11-01 (phishing.rules)
2039611 - ET ADWARE_PUP DriverTurbo Domain (driverturbo .com) in DNS Lookup (adware_pup.rules)
2039612 - ET ADWARE_PUP DriverTurbo Domain (driverfinderpro .com) in DNS Lookup (adware_pup.rules)
2039613 - ET ADWARE_PUP DriverFinder User-Agent Observed in HTTP Traffic (adware_pup.rules)
2039614 - ET INFO Observed DNS Query to Dynamic DNS Service Domain (duia .ro) (info.rules)
2039615 - ET INFO Observed Dynamic DNS Service Domain in TLS SNI (duia .ro) (info.rules)
2039616 - ET MALWARE Win32/Agent.AETZ CnC Checkin (malware.rules)
2039617 - ET MALWARE SocGholish Domain in DNS Lookup (squad .incumetrics .com) (malware.rules)

Pro:

2852749 - ETPRO PHISHING Successful Generic Phish 2022-11-01 (phishing.rules)

Disabled and modified rules:

2039603 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M1 (malware.rules)
2039604 - ET MALWARE JS/AlterSave Skimmer Payload Inbound M2 (malware.rules)