Summary:
4 new OPEN, 11 new PRO (4 + 7)
Added rules:
Open:
- 2055264 - ET INFO DYNAMIC_DNS Query to a * .icbcluj .ro Domain (info.rules)
- 2055265 - ET INFO DYNAMIC_DNS HTTP Request to a * .icbcluj .ro Domain (info.rules)
- 2055266 - ET MALWARE ZPHP CnC Domain in DNS Lookup (estafetaofj .top) (malware.rules)
- 2055267 - ET MALWARE ZPHP CnC Domain in TLS SNI (estafetaofj .top) (malware.rules)
Pro:
- 2857928 - ETPRO PHISHING Microsoft Phishing Domain in DNS Lookup (phishing.rules)
- 2857929 - ETPRO PHISHING Microsoft Phishing Domain in TLS SNI (phishing.rules)
- 2857930 - ETPRO PHISHING Microsoft Phishing POST Credentials Domain in DNS Lookup (phishing.rules)
- 2857931 - ETPRO PHISHING Microsoft Phishing Credential POST Domain in TLS SNI (phishing.rules)
- 2857932 - ETPRO PHISHING US Dept of Cyber Security Compensation Phish Domain in DNS Lookup (phishing.rules)
- 2857933 - ETPRO PHISHING US Dept of Cyber Security Compensation Phish Domain in TLS SNI (phishing.rules)
- 2857934 - ETPRO PHISHING Evil Keitaro Set-Cookie Inbound to Phishing (e7a4f) (phishing.rules)
Enabled and modified rules:
- 2050715 - ET EXPLOIT_KIT Parrot TDS Domain in DNS Lookup (share .clickstat360 .com) (exploit_kit.rules)
- 2050717 - ET EXPLOIT_KIT Parrot TDS Domain in TLS SNI (share .clickstat360 .com) (exploit_kit.rules)