Ruleset Update Summary - 2023/07/19 - v10375

rulesbot · July 19, 2023, 8:58pm

Summary:

11 new OPEN, 11 new PRO (11 + 0)

Thanks @AnFam17, @travisbgreen

2046861 - ET MALWARE Kaiten User Agent (malware.rules)
2046862 - ET EXPLOIT_KIT RogueRaticate Domain in DNS Lookup (updateadobeflash .website) (exploit_kit.rules)
2046863 - ET EXPLOIT_KIT RogueRaticate Domain in DNS Lookup (googletagmanagar .com) (exploit_kit.rules)
2046864 - ET EXPLOIT_KIT RogueRaticate Domain in DNS Lookup (google-analytiks .com) (exploit_kit.rules)
2046865 - ET EXPLOIT_KIT Keitaro Set-Cookie Inbound to RogueRaticate (4cdcb) (exploit_kit.rules)
2046866 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .plan .gemmadeealexander .com) (malware.rules)
2046867 - ET MALWARE SocGholish Domain in DNS Lookup (x64 .nvize .com) (malware.rules)
2046868 - ET MALWARE SocGholish Domain in TLS SNI (x64 .nvize .com) (malware.rules)
2046869 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (google-analytiks .com) (exploit_kit.rules)
2046870 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (googletagmanagar .com) (exploit_kit.rules)
2046871 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (updateadobeflash .website) (exploit_kit.rules)

2854357 - ETPRO EXPLOIT_KIT DNS Query to Keitaro TDS to NetSupport RAT Domain (exploit_kit.rules)
2854904 - ETPRO MALWARE Win32/XWorm V3 CnC Command - GetInformations Inbound (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/09/19 - v10420 Ruleset Updates	264	September 19, 2023
Ruleset Update Summary - 2023/10/31 - v10454 Ruleset Updates	299	October 31, 2023
Ruleset Update Summary - 2023/08/29 - v10405 Ruleset Updates	270	August 29, 2023
Ruleset Update Summary - 2023/09/14 - v10417 Ruleset Updates	242	September 14, 2023
Ruleset Update Summary - 2024/06/03 - v10608 Ruleset Updates	229	June 3, 2024