Ruleset Update Summary - 2023/07/07 - v10367

Ruleset Updates
1

Summary:

9 new OPEN, 9 new PRO (9 + 0)

Thanks @Jane_0sint

Added rules:

Open:

  • 2046746 - ET INFO Cloud Storage Related Domain in DNS Lookup (webdav .drivehq .com) (info.rules)
  • 2046747 - ET INFO Evernote Link/File Sharing Related Domain in DNS Lookup (t .mail-svc .evernote .com) (info.rules)
  • 2046748 - ET INFO Executable Requested from Evernote Link M1 (GET) (info.rules)
  • 2046749 - ET INFO Executable Requested from Evernote Link M2 (GET) (info.rules)
  • 2046750 - ET INFO Executable Requested from Evernote Link M3 (GET) (info.rules)
  • 2046751 - ET MALWARE [ANY.RUN] Hydrochasma Fast Reverse Proxy M2 (malware.rules)
  • 2046752 - ET MALWARE TA444 Domain in DNS Lookup (malware.rules)
  • 2046753 - ET WEB_SERVER ASPXSPY - Manic Menagerie Variant Activity M1 (web_server.rules)
  • 2046754 - ET PHISHING Successful SFR Mail Credential Phish 2023-07-07 (phishing.rules)

Modified inactive rules:

  • 2046726 - ET MALWARE [ANY.RUN] Hydrochasma Fast Reverse Proxy M1 (malware.rules)