Summary:
30 new OPEN, 32 new PRO (30 + 2)
Thanks @rmceoin
Added rules:
Open:
- 2049471 - ET EXPLOIT Adobe ColdFusion Deserialization of Untrusted Data (CVE-2023-26360) M1 (exploit.rules)
- 2049472 - ET EXPLOIT Adobe ColdFusion Deserialization of Untrusted Data (CVE-2023-26360) M2 (exploit.rules)
- 2049473 - ET EXPLOIT Adobe ColdFusion Deserialization of Untrusted Data (CVE-2023-26360) M3 (exploit.rules)
- 2049474 - ET PHISHING USPS Phish Landing Page 2023-12-05 (phishing.rules)
- 2049475 - ET MALWARE SocGholish Domain in DNS Lookup (pluralism .themancav .com) (malware.rules)
- 2049476 - ET MALWARE SocGholish Domain in TLS SNI (pluralism .themancav .com) (malware.rules)
- 2049477 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-ca-wordpress .org) (exploit_kit.rules)
- 2049478 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-za-wordpress .org) (exploit_kit.rules)
- 2049479 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-nz-wordpress .org) (exploit_kit.rules)
- 2049480 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-au-wordpress .org) (exploit_kit.rules)
- 2049481 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-gb-wordpress .org) (exploit_kit.rules)
- 2049482 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (en-us-wordpress .org) (exploit_kit.rules)
- 2049483 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wordpress .secureplatform .org) (exploit_kit.rules)
- 2049484 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wordpress .securityplugins .org) (exploit_kit.rules)
- 2049485 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wpgate .zip) (exploit_kit.rules)
- 2049486 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wpsrv .zip) (exploit_kit.rules)
- 2049487 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wpsys .zip) (exploit_kit.rules)
- 2049488 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in DNS Lookup (wpops .zip) (exploit_kit.rules)
- 2049489 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-ca-wordpress .org) (exploit_kit.rules)
- 2049490 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-za-wordpress .org) (exploit_kit.rules)
- 2049491 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-nz-wordpress .org) (exploit_kit.rules)
- 2049492 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-au-wordpress .org) (exploit_kit.rules)
- 2049493 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-gb-wordpress .org) (exploit_kit.rules)
- 2049494 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (en-us-wordpress .org) (exploit_kit.rules)
- 2049495 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wordpress .secureplatform .org) (exploit_kit.rules)
- 2049496 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wordpress .securityplugins .org) (exploit_kit.rules)
- 2049497 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wpgate .zip) (exploit_kit.rules)
- 2049498 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wpsrv .zip) (exploit_kit.rules)
- 2049499 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wpsys .zip) (exploit_kit.rules)
- 2049500 - ET EXPLOIT_KIT Fake WordPress CVE Plugin Domain in TLS SNI (wpops .zip) (exploit_kit.rules)
Pro:
- 2855893 - ETPRO MALWARE VBA/Unknown Credential Stealer Exfil (POST) (malware.rules)
- 2855894 - ETPRO MALWARE Win32/FakeJami Stealer Host Details Exfil (malware.rules)