Ruleset Update Summary - 2023/10/03 - v10431

rulesbot · October 3, 2023, 8:37pm

Summary:

4 new OPEN, 7 new PRO (4 + 3)

2048383 - ET EXPLOIT WS_FTP .NET Deserialization Exploit Attempt (CVE-2023-40044) (exploit.rules)
2048384 - ET PHISHING [TW] Trex Phishkit POST (phishing.rules)
2048385 - ET PHISHING [TW] CodeCrafters Phishkit Config Vars (phishing.rules)
2048386 - ET PHISHING [TW] CodeCrafters Phishkit CSS (phishing.rules)

2855316 - ETPRO PHISHING TOAD Domain in DNS Lookup (phishing.rules)
2855317 - ETPRO PHISHING Observed TOAD Domain in TLS SNI (phishing.rules)
2855318 - ETPRO MALWARE Win32/Unknown Downloader Payload Request (GET) (malware.rules)

2046869 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (google-analytiks .com) (exploit_kit.rules)
2046870 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (googletagmanagar .com) (exploit_kit.rules)
2046871 - ET EXPLOIT_KIT RogueRaticate Domain in TLS SNI (updateadobeflash .website) (exploit_kit.rules)
2047676 - ET EXPLOIT_KIT Fake Browser Update Domain in DNS Lookup (cheetahsnv .com) (exploit_kit.rules)
2047677 - ET EXPLOIT_KIT Fake Browser Update Domain in TLS SNI (cheetahsnv .com) (exploit_kit.rules)
2047704 - ET EXPLOIT_KIT Fake Browser Update Domain in DNS Lookup (offshorechain .org) (exploit_kit.rules)

Topic	Replies	Views
Ruleset Update Summary - 2023/10/13 - v10439 Ruleset Updates	333	October 13, 2023
Ruleset Update Summary - 2023/09/22 - v10423 Ruleset Updates	328	September 22, 2023
Ruleset Update Summary - 2023/11/10 - v10463 Ruleset Updates	286	November 10, 2023
Ruleset Update Summary - 2023/08/10 - v10391 Ruleset Updates	248	August 10, 2023
Ruleset Update Summary - 2023/11/17 - v10468 Ruleset Updates	366	November 17, 2023