Ruleset Update Summary - 2023/12/29 - v10496

rulesbot · December 29, 2023, 8:32pm

Summary:

5 new OPEN, 9 new PRO (5 + 4)

Thanks @suyog41

No release on Monday due to the New Years Holiday

2049868 - ET INFO HTTP Request for FixMe.IT / Techinline Remote Access Tool (info.rules)
2049869 - ET MALWARE Snake Keylogger HTTP Exfil (malware.rules)
2049870 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (ratingsentry .com) (exploit_kit.rules)
2049871 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (ratingsentry .com) (exploit_kit.rules)
2049872 - ET MALWARE Rezlt RDP Grabber - This is Not RDP (malware.rules)

2816735 - ETPRO INFO FixMe.IT / Techinline Remote Access Tool SSL Cert (info.rules)
2856073 - ETPRO MALWARE Asyncrat Related Download Activity (malware.rules)
2856074 - ETPRO HUNTING Possible Asyncrat Activity (HEAD) (hunting.rules)
2856075 - ETPRO HUNTING Possible Asyncrat Activity (GET) (hunting.rules)

2816735 - ETPRO POLICY Possible FixMe.IT / Techinline Remote Access Tool SSL Cert (policy.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/03/19 - v10555 Ruleset Updates	181	March 19, 2024
Ruleset Update Summary - 2024/02/19 - v10535 Ruleset Updates	259	February 19, 2024
Ruleset Update Summary - 2024/02/23 - v10539 Ruleset Updates	171	February 23, 2024
Ruleset Update Summary - 2023/05/25 - v10332 Ruleset Updates	266	May 25, 2023
Ruleset Update Summary - 2023/07/13 - v10371 Ruleset Updates	147	July 13, 2023