Ruleset Update Summary - 2025/09/26 - v11025

rulesbot · September 26, 2025, 8:38pm

Summary:

9 new OPEN, 9 new PRO (9 + 0)

2064934 - ET HUNTING SonicWall Email Security Unauthenticated Arbitrary User Creation (CVE-2021-20021) M1 (hunting.rules)
2064935 - ET HUNTING SonicWall Email Security Unauthenticated Arbitrary User Creation (CVE-2021-20021) M2 (hunting.rules)
2064936 - ET WEB_SPECIFIC_APPS SonicWall Email Security Authenticated Directory Traversal in Branding Feature (CVE-2021-20023) (web_specific_apps.rules)
2064937 - ET WEB_SPECIFIC_APPS Palo Alto Expedition OS Command Injection (CVE-2025-0107) (web_specific_apps.rules)
2064938 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (slabbymenusportef .pw) (malware.rules)
2064939 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (slabbymenusportef .pw) in TLS SNI (malware.rules)
2064940 - ET WEB_SPECIFIC_APPS Palo Alto PAN-OS Reflected Cross-Site Scripting (CVE-2025-0133) (web_specific_apps.rules)
2064941 - ET EXPLOIT_KIT ZPHP Domain in DNS Lookup (morniksell .com) (exploit_kit.rules)
2064942 - ET EXPLOIT_KIT ZPHP Domain in TLS SNI (morniksell .com) (exploit_kit.rules)

2832745 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 431 (mobile_malware.rules)
2832746 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 432 (mobile_malware.rules)
2833804 - ETPRO MALWARE PS.APT.PhishDoc.TR Checkin 2 (malware.rules)
2834101 - ETPRO MALWARE MSIL/Murkios Bot CnC Keep-Alive (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2025/04/18 - v10909 Ruleset Updates	162	April 18, 2025
Ruleset Update Summary - 2023/11/01 - v10455 Ruleset Updates	359	November 1, 2023
Ruleset Update Summary - 2023/05/02 - v10313 Ruleset Updates	461	May 2, 2023
Ruleset Update Summary - 2024/09/25 - v10703 Ruleset Updates	114	September 25, 2024
Ruleset Update Summary - 2025/02/13 - v10859 Ruleset Updates	117	February 13, 2025