Ruleset Update Summary - 2023/08/16 - v10395

rulesbot · August 16, 2023, 8:47pm

Summary:

13 new OPEN, 16 new PRO (13 + 3)

2047652 - ET INFO DYNAMIC_DNS Query to a *.h-o-s-t .name Domain (info.rules)
2047653 - ET INFO DYNAMIC_DNS HTTP Request to a *.h-o-s-t .name Domain (info.rules)
2047654 - ET INFO DYNAMIC_DNS Query to a *.telcomresearch .com Domain (info.rules)
2047655 - ET INFO DYNAMIC_DNS HTTP Request to a *.telcomresearch .com Domain (info.rules)
2047656 - ET INFO DYNAMIC_DNS Query to a *.appia .com .au Domain (info.rules)
2047657 - ET INFO DYNAMIC_DNS HTTP Request to a *.appia .com .au Domain (info.rules)
2047658 - ET INFO DYNAMIC_DNS Query to a *.joseulloa .cl Domain (info.rules)
2047659 - ET INFO DYNAMIC_DNS HTTP Request to a *.joseulloa .cl Domain (info.rules)
2047660 - ET ADWARE_PUP Win32/TrojanDownloader Variant Activity (GET) (adware_pup.rules)
2047661 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .workout .oystergardener .net) (malware.rules)
2047662 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .workout .oystergardener .net) (malware.rules)
2047663 - ET EXPLOIT_KIT RogueRaticate Domain in DNS Lookup (analytics-google-x91 .com) (exploit_kit.rules)
2047664 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (analytics-google-x91 .com) (exploit_kit.rules)

2046745 - ET MALWARE SocGholish Domain in DNS Lookup (launch .viewthesteps .com) (malware.rules)
2046786 - ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (biggreenlimes .org) (exploit_kit.rules)
2046787 - ET EXPLOIT_KIT TA569 Keitaro TDS Domain in DNS Lookup (linedloop .org) (exploit_kit.rules)
2046813 - ET MALWARE RomCom CnC Domain in DNS Lookup (finformservice .com) (malware.rules)
2046814 - ET MALWARE RomCom CnC Domain in DNS Lookup (penofach .com) (malware.rules)
2046815 - ET MALWARE RomCom CnC Domain in DNS Lookup (altimata .org) (malware.rules)
2046816 - ET MALWARE RomCom CnC Domain in DNS Lookup (bentaxworld .com) (malware.rules)
2046817 - ET PHISHING RomCom Phishing Domain in DNS Lookup (ukrainianworldcongress .info) (phishing.rules)
2046828 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .plan .gemmadeealexander .com) (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/11/15 - v10466 Ruleset Updates	499	November 15, 2023
Ruleset Update Summary - 2023/05/18 - v10326 Ruleset Updates	245	May 18, 2023
Ruleset Update Summary - 2023/05/17 - v10325 Ruleset Updates	228	May 17, 2023
Ruleset Update Summary - 2023/11/13 - v10464 Ruleset Updates	217	November 13, 2023
Ruleset Update Summary - 2024/04/22 - v10580 Ruleset Updates	132	April 22, 2024