Ruleset Update Summary - 2023/12/29 - v10496

rulesbot · December 29, 2023, 8:32pm

Summary:

5 new OPEN, 9 new PRO (5 + 4)

Thanks @suyog41

No release on Monday due to the New Years Holiday

2049868 - ET INFO HTTP Request for FixMe.IT / Techinline Remote Access Tool (info.rules)
2049869 - ET MALWARE Snake Keylogger HTTP Exfil (malware.rules)
2049870 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (ratingsentry .com) (exploit_kit.rules)
2049871 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (ratingsentry .com) (exploit_kit.rules)
2049872 - ET MALWARE Rezlt RDP Grabber - This is Not RDP (malware.rules)

2816735 - ETPRO INFO FixMe.IT / Techinline Remote Access Tool SSL Cert (info.rules)
2856073 - ETPRO MALWARE Asyncrat Related Download Activity (malware.rules)
2856074 - ETPRO HUNTING Possible Asyncrat Activity (HEAD) (hunting.rules)
2856075 - ETPRO HUNTING Possible Asyncrat Activity (GET) (hunting.rules)

2816735 - ETPRO POLICY Possible FixMe.IT / Techinline Remote Access Tool SSL Cert (policy.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/07/24 - v10652 Ruleset Updates	63	July 24, 2024
Ruleset Update Summary - 2024/07/15 - v10645 Ruleset Updates	173	July 15, 2024
Ruleset Update Summary - 2024/07/10 - v10642 Ruleset Updates	82	July 10, 2024
Ruleset Update Summary - 2024/06/19 - v10621 Ruleset Updates	120	June 19, 2024
Ruleset Update Summary - 2024/03/19 - v10555 Ruleset Updates	249	March 19, 2024