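[***] Summary: [***]
13 new Open, 42 new Pro (13 + 29). StrongPity, Raccoon Stealer,
Ozone RAT, AsyncRAT, various phish.
Thanks: @baoshengbincumt
Please share issues, feedback, and requests at
https://fedback.emergingThreats.net/fedback.
[+++] Added rules: [+++]
Open: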
2032531 - ET INFO Observed XSPH .RU Domain (info.rules)
2032532 - ET CURRENT_EVENTS Possible Successful Generic Phish (set) 2021-04-08 (current_events.rules)
2032533 - ET EXPLOIT Trend Micro IWSVA Unauthenticated Command Injection Inbound (CVE-2020-8466) (exploit.rules)
2032534 - ET TROJAN Observed StrongPity CnC Domain (HierarchicalFiles .com in TLS SNI) (trojan.rules)
2032535 - ET TROJAN Observed StrongPity CnC Domain (决议图片 in TLS SNI) (trojan.rules)
2032536 - ET TROJAN Observed StrongPity CnC Domain (Pulmonyarea .com in TLS SNI) (trojan.rules)
2032537 - ET TROJAN Observed StrongPity CnC Domain (硬件优选 .com in TLS SNI) (trojan.rules)
2032538 - ET TROJAN Win32.Raccoon Stealer CnC Domain in TLS SNI (Shehootastayonwhatshelirned .top) (trojan.rules)
2032539 - ET TROJAN Observed StrongPity CnC Domain (ApplicationRepo .com in TLS SNI) (trojan.rules)
2032540 - ET TROJAN Observed StrongPity CnC Domain (UppertrainingTool.Com in TLS SNI) (trojan.rules)
2032541 - ET TROJAN Observed StrongPity CnC Domain (HORITOPERATIONSYSTEMS .COM in TLS SNI) (trojan.rules)
2032542 - ET TROJAN Ozone/Darktrack RAT Variant - Client Hello (set) (trojan.rules)
2032543 - ET TROJAN Ozone/Darktrack RAT Variant - Server Hello (trojan.rules)
Pro:
2848072 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848073 - ETPRO TROJAN Observed Malicious SSL Cert (AsyncRAT) (trojan.rules)
2848074 - ETPRO TROJAN Win32/delfinject.pnh!MTB Activity (trojan.rules)
2848075 - ETPRO TROJAN w32/pswsteal.vbmt64 CnC Activity (trojan.rules)
2848076 - ETPRO TROJAN w32/pswsteal.vbmt64 CnC Activity (trojan.rules)
2848077 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 1) (trojan.rules)
2848078 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 2) (trojan.rules)
2848079 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 3) (trojan.rules)
2848080 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 4) (trojan.rules)
2848081 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 5) (trojan.rules)
2848082 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 6) (trojan.rules)
2848083 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 7) (trojan.rules)
2848084 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 8) (trojan.rules)
2848085 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 9) (trojan.rules)
2848086 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 10) (trojan.rules)
2848087 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 11) (trojan.rules)
2848088 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 12) (trojan.rules)
2848089 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 13) (trojan.rules)
2848090 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2021-04-08 14) (trojan.rules)
2848091 - ETPRO CURRENT_EVENTS Successful University of Delaware Phish 2021-04-08 (current_events.rules)
2848092 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2021-04-08 (current_events.rules)
2848093 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2021-04-08 (current_events.rules)
2848094 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2021-04-08 (current_events.rules)
2848095 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2021-04-08 (current_events.rules)
2848096 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2021-04-08 (current_events.rules)
2848097 - ETPRO CURRENT_EVENTS Successful Citizens Bank Phish 2021-04-08 (current_events.rules)
2848098 - ETPRO CURRENT_EVENTS Successful Possible Crypto Wallet 000Webhosapp Hosted Phish 2021-04-08 (current_events.rules)
2848099 - ETPRO CURRENT_EVENTS Successful Metrobank Phish 2021-04-08 (current_events.rules)
2848100 - ETPRO TROJAN Win32/Remcos RAT Checkin 703 (trojan.rules)
[///] Modified active rules: [///]
2030565 - ET MALWARE Downer.B Variant Checkin (malware.rules)
2828283 - ETPRO TROJAN vjworm Checkin (trojan.rules)
2843817 - ETPRO TROJAN 木丁登录器 CnC Activity (trojan.rules)
2847936 - ETPRO TROJAN MSIL/Bloodystealer CnC Activity (trojan.rules)