Ruleset Update Summary - 2026/05/05 - v11186

rulesbot · May 5, 2026, 8:25pm

Summary:

7 new OPEN, 9 new PRO (7 + 2)

2069165 - ET MALWARE TA569 Gholoader CnC Domain in DNS Lookup (images .tippytoespreschoolva .com) (malware.rules)
2069166 - ET MALWARE TA569 Gholoader CnC Domain in TLS SNI (images .tippytoespreschoolva .com) (malware.rules)
2069167 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (fourdigs .cyou) (malware.rules)
2069168 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (fourdigs .cyou) in TLS SNI (malware.rules)
2069169 - ET MALWARE MaskGramStealer CnC Checkin (GET) (malware.rules)
2069170 - ET MALWARE MaskGramStealer Encrypted Data Inbound (malware.rules)
2069171 - ET WEB_SERVER Cisco IOS Authenticated SNMP Remote Code Execution (CVE-2025-20352) (web_server.rules)

2867427 - ETPRO WEB_SPECIFIC_APPS Sawtooth Software Lighthouse Studio Template Injection via ciwweb.pl (CVE-2025-34300) (web_specific_apps.rules)
2867429 - ETPRO MALWARE Malicious Win32/NetSupport Rat CnC Checkin (malware.rules)

Topic	Replies	Views
Ruleset Update Summary - 2025/05/28 - v10935 Ruleset Updates	235	May 28, 2025
Ruleset Update Summary - 2025/04/01 - v10895 Ruleset Updates	96	April 1, 2025
Ruleset Update Summary - 2025/08/06 - v10987 Ruleset Updates	97	August 6, 2025
Ruleset Update Summary - 2025/06/12 - v10949 Ruleset Updates	131	June 12, 2025
Ruleset Update Summary - 2025/05/21 - v10932 Ruleset Updates	144	May 21, 2025