Summary:
16 new OPEN, 17 new PRO (16 + 1)
Thanks @jaydinbas
The Emerging Threats mailing list is migrating to Discourse. Please visit us at https://community.emergingthreats.net
We will announce the mailing list retirement date in the near future.
Added rules:
Open:
- 2044150 - ET INFO Observed URL Shortening Service Domain (surl .li in TLS SNI) (info.rules)
- 2044151 - ET INFO URL Shortening Service Domain in DNS Lookup (surl .li) (info.rules)
- 2044152 - ET MALWARE TA444 Related Domain in DNS Lookup (safe .doc-share .cloud) (malware.rules)
- 2044153 - ET MALWARE TA444 Related Domain in DNS Lookup (autoprotect .com .se) (malware.rules)
- 2044154 - ET INFO Observed OneNote Template Domain in TLS SNI (onenotegem .com) (info.rules)
- 2044155 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (zero .dns0 .eu) (info.rules)
- 2044156 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (ns1 .dotls .org) (info.rules)
- 2044157 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (safeservedns .com) (info.rules)
- 2044158 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (dns0 .eu) (info.rules)
- 2044159 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (open .dns0 .eu) (info.rules)
- 2044160 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (kids .dns0 .eu) (info.rules)
- 2044161 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (freedom .mydns .network) (info.rules)
- 2044162 - ET GAMES Multiple Game Cheat Application Activity (games.rules)
- 2044163 - ET GAMES Multiple Game Cheat Application Activity (games.rules)
- 2044164 - ET MALWARE UAC-0114/Winter Vivern Redirect (malware.rules)
- 2044165 - ET MALWARE SocGholish Domain in DNS Lookup (shock .creatingaharmoniouslife .net) (malware.rules)
Pro:
- 2853356 - ETPRO USER_AGENTS Observed Suspicious UA (EnAgent) (user_agents.rules)