Ruleset Update Summary - 2024/06/19 - v10621

rulesbot · June 19, 2024, 8:56pm

Summary:

4 new OPEN, 10 new PRO (4 + 6)

2053745 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (rvandccc .com) (exploit_kit.rules)
2053746 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (pelicanbcnsolutions .com) (exploit_kit.rules)
2053747 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (rvandccc .com) (exploit_kit.rules)
2053748 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (pelicanbcnsolutions .com) (exploit_kit.rules)

2857286 - ETPRO MALWARE Python Cstealer/SatanStealer Exfiltrating to Discord CnC (malware.rules)
2857287 - ETPRO MALWARE Python Cstealer/SatanStealer Discord JS Inject Inbound (malware.rules)
2857288 - ETPRO MOBILE_MALWARE Android/Spy.Agent.DGI CnC Domain in DNS Lookup (mobile_malware.rules)
2857289 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BRN CnC Domain in DNS Lookup (mobile_malware.rules)
2857290 - ETPRO MOBILE_MALWARE Android/Spy.Agent.DCP CnC Domain in DNS Lookup (mobile_malware.rules)
2857291 - ETPRO MOBILE_MALWARE Android/Spy.Banker.BZD CnC Domain in DNS Lookup (mobile_malware.rules)

2049412 - ET MALWARE SocGholish Domain in DNS Lookup (dashboard .renovationsruth .com) (malware.rules)
2049413 - ET MALWARE SocGholish Domain in TLS SNI (dashboard .renovationsruth .com) (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/02/19 - v10535 Ruleset Updates	434	February 19, 2024
Ruleset Update Summary - 2024/07/15 - v10645 Ruleset Updates	140	July 15, 2024
Ruleset Update Summary - 2024/06/04 - v10609 Ruleset Updates	165	June 4, 2024
Ruleset Update Summary - 2024/07/24 - v10652 Ruleset Updates	62	July 24, 2024
Ruleset Update Summary - 2024/04/17 - v10577 Ruleset Updates	159	April 17, 2024