Summary:
6 new OPEN, 8 new PRO (6 + 2)
Added rules:
Open:
- 2054654 - ET EXPLOIT_KIT Fake Browser Update Domain in DNS Lookup (bestdoctornearme .com) (exploit_kit.rules)
- 2054655 - ET EXPLOIT_KIT Fake Browser Update Domain in TLS SNI (bestdoctornearme .com) (exploit_kit.rules)
- 2054656 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (denaumtz .com) (exploit_kit.rules)
- 2054657 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (denaumtz .com) (exploit_kit.rules)
- 2054658 - ET WEB_SPECIFIC_APPS Openmediavault Crontab Manipulation Remote Code Execution/Privilege Escalation (CVE-2013-3652) (web_specific_apps.rules)
- 2054659 - ET MALWARE ASYNC RAT Payload Inbound (malware.rules)
Pro:
- 2857658 - ETPRO MALWARE Win32/Fake Robux Bot Registration (malware.rules)
- 2857659 - ETPRO MALWARE Win32/Fake Robux Bot Host Details Exfil (malware.rules)