Ruleset Update Summary - 2023/08/02 - v10386

Summary:

4 new OPEN, 5 new PRO (4 + 1)

Thanks @suyog41

All ETOPEN and ETPRO customers, Please be aware that Friday, August 4th, 2023 is a ProofPoint company holiday. As such, there will be no rule release that day. Thank you for your continued patronage and support.


Added rules:

Open:

  • 2047018 - ET WEB_SPECIFIC_APPS Metabase Setup-Token Information Disclosure - Required for CVE-2023-38646 (web_specific_apps.rules)
  • 2047019 - ET MALWARE Suspected Earth Preta PUBLOAD Activity (malware.rules)
  • 2047020 - ET HUNTING Veeam Credential Recovery Script Inbound (hunting.rules)
  • 2047021 - ET MALWARE Bitter APT CHM CnC Activity (GET) M4 (malware.rules)

Pro:

  • 2854976 - ETPRO MALWARE Win32/Vwealer.D Exfil (malware.rules)