Ruleset Update Summary - 2023/02/02 - v10235

rulesbot · February 2, 2023, 10:48pm

Summary:

17 new OPEN, 25 new PRO (17 + 8)

The Emerging Threats mailing list is migrating to Discourse. Please visit us at https://community.emergingthreats.net

We will announce the mailing list retirement date in the near future.

2044061 - ET MALWARE UAC-0114/Winter Vivern Screenshot Upload M1 (malware.rules)
2044062 - ET MALWARE UAC-0114/Winter Vivern Screenshot Upload M2 (malware.rules)
2044063 - ET MALWARE UAC-0114/Winter Vivern File Exfilration (malware.rules)
2044064 - ET MALWARE UAC-0114/Winter Vivern CnC Activity (malware.rules)
2044065 - ET MALWARE Kakfum/COLDSTEEL CnC Beacon M3 (malware.rules)
2044066 - ET MALWARE Win32/Kumquat Loader Activity (Connect) (malware.rules)
2044067 - ET MALWARE Win32/Kumquat Loader Activity (Subscribe) (malware.rules)
2044068 - ET MALWARE Win32/Kumquat Loader Activity (Publish) (malware.rules)
2044069 - ET INFO RustDesk Check NAT Type (info.rules)
2044070 - ET INFO RustDesk Register Peer where serial=1 (info.rules)
2044071 - ET INFO RustDesk Register Peer where serial=0 (info.rules)
2044072 - ET INFO RustDesk Get Software Update URL (info.rules)
2044073 - ET INFO RustDesk Register Public Key (info.rules)
2044074 - ET INFO RustDesk Peer Discovery (pong) (info.rules)
2044075 - ET INFO RustDesk Peer Discovery (ping) (info.rules)
2044076 - ET INFO RustDesk Relay Domain in DNS Lookup (info.rules)
2044077 - ET MALWARE Win32/Phorpiex UDP Peer-to-Peer CnC (malware.rules)