Ruleset Update Summary - 2023/09/21 - v10422

rulesbot · September 21, 2023, 8:54pm

Summary:

6 new OPEN, 7 new PRO (6 + 1)

Thanks @Vectra_AI

2036627 - ET INFO ScreenConnect/ConnectWise Initial Checkin Packet M1 (info.rules)
2048051 - ET INFO ScreenConnect/ConnectWise Initial Checkin Packet M2 (info.rules)
2048143 - ET INFO ScreenConnect/ConnectWise Initial Checkin Packet M3 (info.rules)
2048144 - ET PHISHING TOAD CnC Domain in DNS Lookup (eshopper .top) (phishing.rules)
2048145 - ET PHISHING Observed TOAD Domain (eshopper .top in TLS SNI) (phishing.rules)
2048146 - ET EXPLOIT Possible Barracuda Email Security Gateway Remote Code Execution Attempt (CVE-2023-2868) M2 (exploit.rules)

2036627 - ET POLICY ScreenConnect-ConnectWise Initial Checkin Packet M1 (policy.rules)
2048051 - ET POLICY ScreenConnect-ConnectWise Initial Checkin Packet M2 (policy.rules)
2839081 - ETPRO POLICY External IP Lookup - myip ipip .net (policy.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/10/13 - v10439 Ruleset Updates	335	October 13, 2023
Ruleset Update Summary - 2023/10/03 - v10431 Ruleset Updates	234	October 3, 2023
Ruleset Update Summary - 2023/09/22 - v10423 Ruleset Updates	331	September 22, 2023
Ruleset Update Summary - 2023/08/10 - v10391 Ruleset Updates	257	August 10, 2023
Ruleset Update Summary - 2024/12/03 - v10783 Ruleset Updates	30	December 3, 2024