Daily Ruleset Update Summary 2022/11/09

dumiller · November 9, 2022, 8:44pm

Summary:

8 new OPEN, 8 new PRO (8 + 0) DeimosC2, JS/Cloud9, and VBA/Agent.ADT

Thanks @Zimperium and @TrendMicro

Please share issues, feedback, and requests at Feedback

Added rules:

Open:

2039758 - ET MALWARE JS/Cloud9 Domain (download .loginserv .net) in DNS Lookup (malware.rules)
2039759 - ET MALWARE JS/Cloud9 Domain (cloud-miner .de) in DNS Lookup (malware.rules)
2039760 - ET MALWARE JS/Cloud9 Domain (zmsp .top) in DNS Lookup (malware.rules)
2039761 - ET MALWARE JS/Cloud9 Domain (download .agency) in DNS Lookup (malware.rules)
2039762 - ET MALWARE JS/Cloud9 Cookie Exfiltration Attempt (malware.rules)
2039763 - ET MALWARE JS/Cloud9 Clipboard Exfiltration Attempt (malware.rules)
2039764 - ET MALWARE DeimosC2 TCP Agent Heartbeat (malware.rules)
2039765 - ET MALWARE VBA/Agent.ADT Checkin (malware.rules)

Topic	Replies	Views
Daily Ruleset Update Summary 2022/09/28 Ruleset Updates	112	September 28, 2022
Daily Ruleset Update Summary 2022/09/29 Ruleset Updates	82	September 29, 2022
Ruleset Update Summary - 2023/07/18 - v10374 Ruleset Updates	197	July 18, 2023
Ruleset Update Summary - 2023/05/19 - v10327 Ruleset Updates	196	May 19, 2023
Daily Ruleset Update Summary 2022/09/30 Ruleset Updates	73	September 30, 2022

Daily Ruleset Update Summary 2022/11/09

Summary:

Added rules:

Open:

Related Topics