Ruleset Update Summary - 2023/08/17 - v10397

Summary:

6 new OPEN, 9 new PRO (6 + 3)


Added rules:

Open:

  • 2047665 - ET INFO Observed DNS over HTTPS Domain in TLS SNI (dns .rayanbab .com) (info.rules)
  • 2047666 - ET INFO Observed DNS over HTTPS Domain in TLS SNI (doh .morizt .id) (info.rules)
  • 2047667 - ET INFO Observed DNS over HTTPS Domain in TLS SNI (pdns .itxe .net) (info.rules)
  • 2047668 - ET INFO Observed DNS over HTTPS Domain in TLS SNI (dns .ningkelle .id) (info.rules)
  • 2047669 - ET INFO Fleetdeck Remote Management Software Domain in DNS Lookup (fleetdeck .io) (info.rules)
  • 2047670 - ET INFO Observed Fleetdeck Remote Management Software Domain in TLS SNI (fleetdeck .io) (info.rules)

Pro:

  • 2855120 - ETPRO MALWARE DOILoader Connectivity Test (GET) (malware.rules)
  • 2855121 - ETPRO MALWARE DOILoader Activity (GET) (malware.rules)
  • 2855122 - ETPRO EXPLOIT_KIT Captcha to Malicious Download (exploit_kit.rules)