Summary:
10 new OPEN, 12 new PRO (10 + 2).
Thanks @h2jazi and @AuCyble
Please share issues, feedback, and requests at Feedback
Added Rules:
Open:
2039772 - ET INFO External IP Lookup (keycdn .com) (info.rules)
2039773 - ET MALWARE Suspected CloudAtlas Related Domain in DNS
Lookup (protocol-list .com) (malware.rules)
2039774 - ET MALWARE Laplas Clipper CnC Domain (clipper .guru) in
DNS Lookup (malware.rules)
2039775 - ET MALWARE Laplas Clipper - Regex CnC Request (malware.rules)
2039776 - ET MALWARE Laplas Clipper - SetOnline CnC Checkin (malware.rules)
2039777 - ET MALWARE Laplas Clipper - GetAddress CnC Checkin (malware.rules)
2039778 - ET MALWARE GO/Ghisler Stealer Data Exfiltration Attempt
(malware.rules)
2039779 - ET PHISHING Successful GNCU Credential Phish 2022-11-14
(phishing.rules)
2039780 - ET MALWARE SocGholish Domain in DNS Lookup (community
.backpacktrader .com) (malware.rules)
2039781 - ET MALWARE TA569 Domain in DNS Lookup (friscomusicgroup
.com) (malware.rules)
Pro:
2852817 - ETPRO PHISHING Successful Generic Phish 2022-11-14 (phishing.rules)
2852818 - ETPRO PHISHING Successful O365 Credential Phish 2022-11-13
(phishing.rules)