Ruleset Update Summary - 2024/10/14 - v10719

Ruleset Updates
1

Summary:

5 new OPEN, 16 new PRO (5 + 11)

Thanks @g0njxa, @rampage

Added rules:

Open:

  • 2056643 - ET PHISHING Javascript Browser Fingerprinting POST Request (phishing.rules)
  • 2056644 - ET INFO Generic 302 Redirect Google 404 (info.rules)
  • 2056645 - ET MALWARE Suspected PrivateLoader CnC Checkin - Server Response (malware.rules)
  • 2056647 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .rooms .fierceatfifty .com) (malware.rules)
  • 2056648 - ET MALWARE SocGholish CnC Domain in TLS SNI (* .rooms .fierceatfifty .com) (malware.rules)

Pro:

  • 2858670 - ETPRO INFO HTTP Request to a *.science domain (info.rules)
  • 2858671 - ETPRO INFO HTTP Request to a *.stream domain (info.rules)
  • 2858672 - ETPRO INFO HTTP Request to a *.men domain (info.rules)
  • 2858673 - ETPRO INFO HTTP Request to a *.study domain (info.rules)
  • 2858674 - ETPRO INFO HTTP Request to a *.date domain (info.rules)
  • 2858675 - ETPRO INFO HTTP Request to a *.click domain (info.rules)
  • 2858676 - ETPRO INFO HTTP Request to a *.review domain (info.rules)
  • 2858677 - ETPRO INFO HTTP Request to a *.download domain (info.rules)
  • 2858678 - ETPRO INFO HTTP Request to a *.link domain (info.rules)
  • 2858679 - ETPRO MALWARE TA582 Domain in DNS Lookup (malware.rules)
  • 2858680 - ETPRO MALWARE TA582 Domain in DNS Lookup (malware.rules)