Ruleset Update Summary - 2023/04/13 - v10297

rulesbot · April 13, 2023, 8:56pm

Summary:

15 new OPEN, 15 new PRO (15 + 0)

Thanks @TLP_R3D, @RexorVc0, @ahnlab_secuinfo, @mstoned7

2044927 - ET MALWARE ClouudAtlas APT Related Domain in DNS Lookup (supportpanel .agent-group .org) (malware.rules)
2044928 - ET MALWARE TA444 Related Domain in DNS Lookup (safe .shared-document .cloud) (malware.rules)
2044929 - ET MALWARE TA444 Related Domain in DNS Lookup (spirtblockchain .com) (malware.rules)
2044930 - ET MALWARE TA444 Related Domain in DNS Lookup (arbordeck .co .in) (malware.rules)
2044931 - ET MALWARE Suspected Tick Group APT Related Activity (GET) (malware.rules)
2044932 - ET MALWARE Suspected Tick Group APT Related Activity (GET) (malware.rules)
2044933 - ET ATTACK_RESPONSE RaccoonStealer Admin Console Inbound (attack_response.rules)
2044934 - ET MALWARE MalDoc/ScarCruft CnC Activity (GET) M1 (malware.rules)
2044935 - ET MALWARE MalDoc/ScarCruft CnC Activity (GET) M2 (malware.rules)
2044936 - ET MALWARE MalDoc/ScarCruft CnC Activity (GET) M3 (malware.rules)
2044937 - ET ATTACK_RESPONSE Win32/ScarCruf Payload Inbound (attack_response.rules)
2044938 - ET WEB_CLIENT TA569 Keitaro TDS Domain in DNS Lookup (backendjs .org) (web_client.rules)
2044939 - ET WEB_CLIENT TA569 Keitaro TDS Domain in DNS Lookup (assistpayout .org) (web_client.rules)
2044940 - ET WEB_CLIENT TA569 Keitaro TDS Domain in DNS Lookup (jsviewdev .org) (web_client.rules)
2044941 - ET MALWARE Win32/Spy.Mekotio.ER Checkin (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/01/10 - v10503 Ruleset Updates	273	January 10, 2024
Ruleset Update Summary - 2023/09/05 - v10410 Ruleset Updates	234	September 5, 2023
Ruleset Update Summary - 2023/05/19 - v10327 Ruleset Updates	197	May 19, 2023
Ruleset Update Summary - 2023/04/27 - v10309 Ruleset Updates	245	April 27, 2023
Ruleset Update Summary - 2024/02/16 - v10534 Ruleset Updates	205	February 16, 2024