Ruleset Update Summary - 2024/10/30 - v10731

rulesbot · October 30, 2024, 7:58pm

Summary:

12 new OPEN, 12 new PRO (12 + 0)

2057150 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (relaxatiyon .cyou) (malware.rules)
2057151 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (relaxatiyon .cyou in TLS SNI) (malware.rules)
2057152 - ET EXPLOIT_KIT TA569 Middleware Domain in DNS Lookup (loopconstruct .com) (exploit_kit.rules)
2057153 - ET EXPLOIT_KIT TA569 Middleware Domain in TLS SNI (loopconstruct .com) (exploit_kit.rules)
2057154 - ET WEB_SPECIFIC_APPS Cyberpanel upgrademysqlstatus Command Injection Attempt (CVE-2024-51567) (web_specific_apps.rules)
2057155 - ET EXPLOIT_KIT Balada Domain in DNS Lookup (startservicefounds .com) (exploit_kit.rules)
2057156 - ET EXPLOIT_KIT Balada Domain in TLS SNI (startservicefounds .com) (exploit_kit.rules)
2057157 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (omegaarea .site) (exploit_kit.rules)
2057158 - ET WEB_SPECIFIC_APPS Cyberpanel filemanager Command Injection Attempt (CVE-2024-51568) (web_specific_apps.rules)
2057159 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (omegaarea .site) (exploit_kit.rules)
2057160 - ET MALWARE Win32/BugSleep CnC Checkin (malware.rules)
2057161 - ET MALWARE Win32/BugSleep Command Response From C2 (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2024/08/22 - v10672 Ruleset Updates	68	August 22, 2024
Ruleset Update Summary - 2024/01/25 - v10514 Ruleset Updates	335	January 25, 2024
Ruleset Update Summary - 2024/03/25 - v10559 Ruleset Updates	295	March 25, 2024
Ruleset Update Summary - 2024/07/19 - v10649 Ruleset Updates	148	July 19, 2024
Ruleset Update Summary - 2024/04/01 - v10564 Ruleset Updates	228	April 1, 2024