Ruleset Update Summary - 2023/08/07 - v10388

rulesbot · August 7, 2023, 9:45pm

Summary:

8 new OPEN, 11 new PRO (8 + 3)

Thanks @Jane_0sint

2047063 - ET MALWARE IcedID CnC Domain in DNS Lookup (pireltotus .com) (malware.rules)
2047064 - ET INFO External IP Check Domain in DNS Lookup (api .ipapi .com) (info.rules)
2047065 - ET INFO Observed External IP Check Domain (api .ipapi .com in TLS SNI) (info.rules)
2047066 - ET MALWARE [ANY.RUN] PovertyStealer Check-In via TCP (malware.rules)
2047067 - ET MALWARE [ANY.RUN] PovertyStealer Exfiltration M1 (malware.rules)
2047068 - ET MALWARE [ANY.RUN] Phemedrone Stealer Exfiltration via Telegram (malware.rules)
2047069 - ET MALWARE Redis-p2pinfect TLS Certificate Serial Number Observed in SSL Certificate (malware.rules)
2047070 - ET EXPLOIT_KIT Parrot TDS Check M2 (exploit_kit.rules)

2032318 - ET MALWARE Suspected Jobcrypter Ransomware Exfil (SMTP) (malware.rules)
2033689 - ET MOBILE_MALWARE APT33/Charming Kitten Android/LittleLooter Activity (POST) M4 (mobile_malware.rules)
2033720 - ET MALWARE Unknown Chinese Threat Actor Malicious Redirect Activity (malware.rules)
2045623 - ET MALWARE Gamaredon APT Related Domain in DNS Lookup (files-dwn .shop) (malware.rules)
2046741 - ET MALWARE Cinoshi Clipper Related Domain in DNS Lookup (tryno .ru) (malware.rules)
2833765 - ETPRO MALWARE OilRig BONDUPDATER C2 via DNS (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2022/11/15 - v10173 Ruleset Updates	124	November 15, 2022
Ruleset Update Summary - 2023/10/25 - v10448 Ruleset Updates	268	October 25, 2023
Ruleset Update Summary - 2023/08/31 - v10407 Ruleset Updates	290	August 31, 2023
Ruleset Update Summary - 2023/06/20 - v10354 Ruleset Updates	243	June 20, 2023
Ruleset Update Summary - 2024/02/23 - v10539 Ruleset Updates	238	February 23, 2024