Ruleset Update Summary - 2022/12/16 - v10198

rulesbot · December 16, 2022, 9:57pm

Summary:

3 new OPEN, 4 new PRO (3 + 1)

The Emerging Threats mailing list is migrating to Discourse. Please visit us at https://community.emergingthreats.net

We will announce the mailing list retirement date in the near future.

2042956 - ET EXPLOIT Observed Mirai/Gafgyt Post Brute Force Activity (GET) (exploit.rules)
2042957 - ET MALWARE Observed Malicious Mustang Panda APT Related SSL Cert (File Transfer Service) (malware.rules)
2042958 - ET MALWARE Win32/PSW.LdPinch CnC Checkin (malware.rules)

2852956 - ETPRO PHISHING Successful Wells Fargo Credential Phish 2022-12-16 (phishing.rules)

2036603 - ET MALWARE Restylink Domain in DNS Lookup (differentfor .com) (malware.rules)
2036604 - ET MALWARE Restylink Domain in DNS Lookup (mbusabc .com) (malware.rules)
2036605 - ET MALWARE Restylink Domain in DNS Lookup (disknxt .com) (malware.rules)
2036606 - ET MALWARE Restylink Domain in DNS Lookup (officehoster .com) (malware.rules)
2036607 - ET MALWARE Restylink Domain in DNS Lookup (spffusa .org) (malware.rules)
2036608 - ET MALWARE Restylink Domain in DNS Lookup (sseekk .xyz) (malware.rules)
2036609 - ET MALWARE Restylink Domain in DNS Lookup (youmiuri .com) (malware.rules)
2852953 - ETPRO MALWARE Qbot Style Payload Request (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2022/12/22 - v10203 Ruleset Updates	199	December 22, 2022
Ruleset Update Summary - 2022/11/21 - v10178 Ruleset Updates	431	November 21, 2022
Ruleset Update Summary - 2022/12/05 - v10188 Ruleset Updates	330	December 5, 2022
Ruleset Update Summary - 2023/03/31 - v10282 Ruleset Updates	258	March 31, 2023
Ruleset Update Summary - 2023/02/13 - v10242 Ruleset Updates	105	February 13, 2023