Ruleset Update Summary - 2023/10/27 - v10450

rulesbot · October 27, 2023, 9:08pm

Summary:

9 new OPEN, 10 new PRO (9 + 1)

Thanks @suyog41

2048921 - ET INFO Observed DNS Over HTTPS Domain (us1 .blissdns .net in TLS SNI) (info.rules)
2048922 - ET COINMINER Observed DNS Query to Monero Miner Related Domain (monerohash .com) (coinminer.rules)
2048923 - ET WEB_SERVER Generic Webshell Activity (POST) (web_server.rules)
2048924 - ET MALWARE Win32/NewsRat CnC Response (malware.rules)
2048925 - ET WEB_SPECIFIC_APPS Possible F5 BIG-IP AJP Request Smuggling Attempt (CVE-2023-46747) (web_specific_apps.rules)
2048926 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (cubicalwave .com) (exploit_kit.rules)
2048927 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (defeatdiseasewithdata .com) (exploit_kit.rules)
2048928 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (cubicalwave .com) (exploit_kit.rules)
2048929 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (defeatdiseasewithdata .com) (exploit_kit.rules)

2855498 - ETPRO MALWARE Possible DarkGate AutoIT Script Download (malware.rules)

Topic		Replies	Views
Ruleset Update Summary - 2023/09/06 - v10411 Ruleset Updates	0	237	September 6, 2023
Ruleset Update Summary - 2023/04/26 - v10308 Ruleset Updates	3	1050	September 8, 2023
Ruleset Update Summary - 2023/11/08 - v10461 Ruleset Updates	0	186	November 8, 2023
Daily Ruleset Update Summary 2022/10/14 Ruleset Updates	0	122	October 14, 2022
Ruleset Update Summary - 2024/04/08 - v10570 Ruleset Updates	0	164	April 8, 2024