URL: https://community.emergingthreats.net/t/ruleset-update-summary-2023-02-15-v10244/315
Submission: On July 03 via api from SK — Scanned from DE

RULESET UPDATE SUMMARY - 2023/02/15 - V10244

Ruleset Updates


rulesbot
Feb 2023



SUMMARY:

6 new OPEN, 130 new PRO (6 + 124)

The Emerging Threats mailing list is migrating to Discourse. Please visit us at
https://community.emergingthreats.net

We will announce the mailing list retirement date in the near future.

--------------------------------------------------------------------------------


ADDED RULES:


OPEN:

 * 2044206 - ET MALWARE OSX/iWebUpdate CnC Activity (malware.rules)
 * 2044207 - ET USER_AGENTS Observed Donot Group UA (Mozilla FireFox)
   (user_agents.rules)
 * 2044208 - ET MALWARE Donot Group Downloader Activity (GET) (malware.rules)
 * 2044209 - ET MALWARE Gamaredon Related Domain in DNS Lookup (gayado .ru)
   (malware.rules)
 * 2044210 - ET MALWARE Dalbit Group CnC Domain (m00nlight .top) in DNS Lookup
   (malware.rules)
 * 2044211 - ET MALWARE Dalbit Group CnC Domain (zxcss .com) in DNS Lookup
   (malware.rules)


PRO:

 * 2853382 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M3
   (CVE-2022-47966) (exploit.rules)
 * 2853383 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M4
   (CVE-2022-47966) (exploit.rules)
 * 2853384 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M7
   (CVE-2022-47966) (exploit.rules)
 * 2853385 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M5
   (CVE-2022-47966) (exploit.rules)
 * 2853386 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M6
   (CVE-2022-47966) (exploit.rules)
 * 2853387 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M8
   (CVE-2022-47966) (exploit.rules)
 * 2853388 - ETPRO EXPLOIT ManageEngine Unauthenticated RCE Attempt M9
   (CVE-2022-47966) (exploit.rules)
 * 2853389 - ETPRO HUNTING Common Java RCE Gadgets Observed M1 (hunting.rules)
 * 2853390 - ETPRO HUNTING Common Java RCE Gadgets Observed M2 (hunting.rules)
 * 2853391 - ETPRO HUNTING Common Java RCE Gadgets Observed M3 (hunting.rules)
 * 2853392 - ETPRO HUNTING Common Java RCE Gadgets Observed M4 (hunting.rules)
 * 2853393 - ETPRO HUNTING Common Java RCE Gadgets Observed M5 (hunting.rules)
 * 2853394 - ETPRO HUNTING Common Java RCE Gadgets Observed M6 (hunting.rules)
 * 2853395 - ETPRO HUNTING Common Java RCE Gadgets Observed M7 (hunting.rules)
 * 2853396 - ETPRO HUNTING Common Java RCE Gadgets Observed M8 (hunting.rules)
 * 2853397 - ETPRO HUNTING Common Java RCE Gadgets Observed M9 (hunting.rules)
 * 2853398 - ETPRO HUNTING Common Java RCE Gadgets Observed M10 (hunting.rules)
 * 2853399 - ETPRO HUNTING Common Java RCE Gadgets Observed M11 (hunting.rules)
 * 2853400 - ETPRO HUNTING Common Java RCE Gadgets Observed M12 (hunting.rules)
 * 2853401 - ETPRO HUNTING Common Java RCE Gadgets Observed M13 (hunting.rules)
 * 2853402 - ETPRO HUNTING Common Java RCE Gadgets Observed M14 (hunting.rules)
 * 2853403 - ETPRO HUNTING Common Java RCE Gadgets Observed M15 (hunting.rules)
 * 2853404 - ETPRO HUNTING Common Java RCE Gadgets Observed M16 (hunting.rules)
 * 2853405 - ETPRO HUNTING Common Java RCE Gadgets Observed M17 (hunting.rules)
 * 2853406 - ETPRO HUNTING Common Java RCE Gadgets Observed M18 (hunting.rules)
 * 2853407 - ETPRO HUNTING Common Java RCE Gadgets Observed M19 (hunting.rules)
 * 2853408 - ETPRO HUNTING Common Java RCE Gadgets Observed M20 (hunting.rules)
 * 2853409 - ETPRO HUNTING Common Java RCE Gadgets Observed M21 (hunting.rules)
 * 2853410 - ETPRO HUNTING Common Java RCE Gadgets Observed M22 (hunting.rules)
 * 2853411 - ETPRO HUNTING Common Java RCE Gadgets Observed M23 (hunting.rules)
 * 2853412 - ETPRO HUNTING Common Java RCE Gadgets Observed M24 (hunting.rules)
 * 2853413 - ETPRO HUNTING Common Java RCE Gadgets Observed M25 (hunting.rules)
 * 2853414 - ETPRO HUNTING Common Java RCE Gadgets Observed M26 (hunting.rules)
 * 2853415 - ETPRO HUNTING Common Java RCE Gadgets Observed M27 (hunting.rules)
 * 2853416 - ETPRO HUNTING Common Java RCE Gadgets Observed M28 (hunting.rules)
 * 2853417 - ETPRO HUNTING Common Java RCE Gadgets Observed M29 (hunting.rules)
 * 2853418 - ETPRO HUNTING Common Java RCE Gadgets Observed M30 (hunting.rules)
 * 2853419 - ETPRO HUNTING Common Java RCE Gadgets Observed M31 (hunting.rules)
 * 2853420 - ETPRO HUNTING Common Java RCE Gadgets Observed M32 (hunting.rules)
 * 2853421 - ETPRO HUNTING Common Java RCE Gadgets Observed M33 (hunting.rules)
 * 2853422 - ETPRO HUNTING Common Java RCE Gadgets Observed M34 (hunting.rules)
 * 2853423 - ETPRO HUNTING Common Java RCE Gadgets Observed M35 (hunting.rules)
 * 2853424 - ETPRO HUNTING Common Java RCE Gadgets Observed M36 (hunting.rules)
 * 2853425 - ETPRO HUNTING Common Java RCE Gadgets Observed M37 (hunting.rules)
 * 2853426 - ETPRO HUNTING Common Java RCE Gadgets Observed M38 (hunting.rules)
 * 2853427 - ETPRO HUNTING Common Java RCE Gadgets Observed M39 (hunting.rules)
 * 2853428 - ETPRO HUNTING Common Java RCE Gadgets Observed M40 (hunting.rules)
 * 2853429 - ETPRO HUNTING Common Java RCE Gadgets Observed M41 (hunting.rules)
 * 2853430 - ETPRO HUNTING Common Java RCE Gadgets Observed M42 (hunting.rules)
 * 2853431 - ETPRO HUNTING Common Java RCE Gadgets Observed M43 (hunting.rules)
 * 2853432 - ETPRO HUNTING Common Java RCE Gadgets Observed M44 (hunting.rules)
 * 2853433 - ETPRO HUNTING Common Java RCE Gadgets Observed M45 (hunting.rules)
 * 2853434 - ETPRO HUNTING Common Java RCE Gadgets Observed M46 (hunting.rules)
 * 2853435 - ETPRO HUNTING Common Java RCE Gadgets Observed M47 (hunting.rules)
 * 2853436 - ETPRO HUNTING Common Java RCE Gadgets Observed M48 (hunting.rules)
 * 2853437 - ETPRO HUNTING Common Java RCE Gadgets Observed M49 (hunting.rules)
 * 2853438 - ETPRO HUNTING Common Java RCE Gadgets Observed M50 (hunting.rules)
 * 2853439 - ETPRO HUNTING Common Java RCE Gadgets Observed M51 (hunting.rules)
 * 2853440 - ETPRO HUNTING Common Java RCE Gadgets Observed M52 (hunting.rules)
 * 2853441 - ETPRO HUNTING Common Java RCE Gadgets Observed M53 (hunting.rules)
 * 2853442 - ETPRO HUNTING Common Java RCE Gadgets Observed M54 (hunting.rules)
 * 2853443 - ETPRO HUNTING Common Java RCE Gadgets Observed M55 (hunting.rules)
 * 2853444 - ETPRO HUNTING Common Java RCE Gadgets Observed M56 (hunting.rules)
 * 2853445 - ETPRO HUNTING Common Java RCE Gadgets Observed M57 (hunting.rules)
 * 2853446 - ETPRO HUNTING Common Java RCE Gadgets Observed M58 (hunting.rules)
 * 2853447 - ETPRO HUNTING Common Java RCE Gadgets Observed M59 (hunting.rules)
 * 2853448 - ETPRO HUNTING Common Java RCE Gadgets Observed M60 (hunting.rules)
 * 2853449 - ETPRO HUNTING Common Java RCE Gadgets Observed M61 (hunting.rules)
 * 2853450 - ETPRO HUNTING Common Java RCE Gadgets Observed M62 (hunting.rules)
 * 2853451 - ETPRO HUNTING Common Java RCE Gadgets Observed M63 (hunting.rules)
 * 2853452 - ETPRO HUNTING Common Java RCE Gadgets Observed M64 (hunting.rules)
 * 2853453 - ETPRO HUNTING Common Java RCE Gadgets Observed M65 (hunting.rules)
 * 2853454 - ETPRO HUNTING Common Java RCE Gadgets Observed M66 (hunting.rules)
 * 2853455 - ETPRO HUNTING Common Java RCE Gadgets Observed M67 (hunting.rules)
 * 2853456 - ETPRO HUNTING Common Java RCE Gadgets Observed M68 (hunting.rules)
 * 2853457 - ETPRO HUNTING Common Java RCE Gadgets Observed M69 (hunting.rules)
 * 2853458 - ETPRO HUNTING Common Java RCE Gadgets Observed M70 (hunting.rules)
 * 2853459 - ETPRO HUNTING Common Java RCE Gadgets Observed M71 (hunting.rules)
 * 2853460 - ETPRO HUNTING Common Java RCE Gadgets Observed M72 (hunting.rules)
 * 2853461 - ETPRO HUNTING Common Java RCE Gadgets Observed M73 (hunting.rules)
 * 2853462 - ETPRO HUNTING Common Java RCE Gadgets Observed M74 (hunting.rules)
 * 2853463 - ETPRO HUNTING Common Java RCE Gadgets Observed M75 (hunting.rules)
 * 2853464 - ETPRO HUNTING Common Java RCE Gadgets Observed M76 (hunting.rules)
 * 2853465 - ETPRO HUNTING Common Java RCE Gadgets Observed M77 (hunting.rules)
 * 2853466 - ETPRO HUNTING Common Java RCE Gadgets Observed M78 (hunting.rules)
 * 2853467 - ETPRO HUNTING Common Java RCE Gadgets Observed M79 (hunting.rules)
 * 2853468 - ETPRO HUNTING Common Java RCE Gadgets Observed M80 (hunting.rules)
 * 2853469 - ETPRO HUNTING Common Java RCE Gadgets Observed M81 (hunting.rules)
 * 2853470 - ETPRO HUNTING Common Java RCE Gadgets Observed M82 (hunting.rules)
 * 2853471 - ETPRO HUNTING Common Java RCE Gadgets Observed M83 (hunting.rules)
 * 2853472 - ETPRO HUNTING Common Java RCE Gadgets Observed M84 (hunting.rules)
 * 2853473 - ETPRO HUNTING Common Java RCE Gadgets Observed M85 (hunting.rules)
 * 2853474 - ETPRO HUNTING Common Java RCE Gadgets Observed M86 (hunting.rules)
 * 2853475 - ETPRO HUNTING Common Java RCE Gadgets Observed M87 (hunting.rules)
 * 2853476 - ETPRO HUNTING Common Java RCE Gadgets Observed M88 (hunting.rules)
 * 2853477 - ETPRO HUNTING Common Java RCE Gadgets Observed M89 (hunting.rules)
 * 2853478 - ETPRO HUNTING Common Java RCE Gadgets Observed M90 (hunting.rules)
 * 2853479 - ETPRO HUNTING Common Java RCE Gadgets Observed M91 (hunting.rules)
 * 2853480 - ETPRO HUNTING Common Java RCE Gadgets Observed M92 (hunting.rules)
 * 2853481 - ETPRO HUNTING Common Java RCE Gadgets Observed M93 (hunting.rules)
 * 2853482 - ETPRO HUNTING Common Java RCE Gadgets Observed M95 (hunting.rules)
 * 2853483 - ETPRO HUNTING Common Java RCE Gadgets Observed M96 (hunting.rules)
 * 2853484 - ETPRO HUNTING Common Java RCE Gadgets Observed M97 (hunting.rules)
 * 2853485 - ETPRO HUNTING Common Java RCE Gadgets Observed M98 (hunting.rules)
 * 2853486 - ETPRO HUNTING Common Java RCE Gadgets Observed M99 (hunting.rules)
 * 2853487 - ETPRO HUNTING Common Java RCE Gadgets Observed M100 (hunting.rules)
 * 2853488 - ETPRO HUNTING Common Java RCE Gadgets Observed M101 (hunting.rules)
 * 2853489 - ETPRO HUNTING Common Java RCE Gadgets Observed M102 (hunting.rules)
 * 2853490 - ETPRO HUNTING Common Java RCE Gadgets Observed M103 (hunting.rules)
 * 2853491 - ETPRO HUNTING Common Java RCE Gadgets Observed M104 (hunting.rules)
 * 2853492 - ETPRO HUNTING Common Java RCE Gadgets Observed M105 (hunting.rules)
 * 2853493 - ETPRO HUNTING Common Java RCE Gadgets Observed M106 (hunting.rules)
 * 2853494 - ETPRO HUNTING Common Java RCE Gadgets Observed M107 (hunting.rules)
 * 2853495 - ETPRO HUNTING Common Java RCE Gadgets Observed M108 (hunting.rules)
 * 2853496 - ETPRO HUNTING Common Java RCE Gadgets Observed M109 (hunting.rules)
 * 2853497 - ETPRO HUNTING Common Java RCE Gadgets Observed M110 (hunting.rules)
 * 2853498 - ETPRO HUNTING Common Java RCE Gadgets Observed M111 (hunting.rules)
 * 2853499 - ETPRO HUNTING Common Java RCE Gadgets Observed M112 (hunting.rules)
 * 2853500 - ETPRO HUNTING Common Java RCE Gadgets Observed M113 (hunting.rules)
 * 2853501 - ETPRO HUNTING Common Java RCE Gadgets Observed M114 (hunting.rules)
 * 2853502 - ETPRO HUNTING Common Java RCE Gadgets Observed M115 (hunting.rules)
 * 2853503 - ETPRO HUNTING Common Java RCE Gadgets Observed M116 (hunting.rules)
 * 2853504 - ETPRO HUNTING Common Java RCE Gadgets Observed M117 (hunting.rules)
 * 2853505 - ETPRO COINMINER CoinMiner Known Malicious Stratum Authline
   (2023-02-15 1) (coinminer.rules)

--------------------------------------------------------------------------------


DISABLED AND MODIFIED RULES:

 * 2033908 - ET MALWARE Maldoc OneDrive Download Activity (GET) (malware.rules)
 * 2034147 - ET MALWARE Gamaredon Related Maldoc Activity (GET) (malware.rules)
 * 2034156 - ET MALWARE Gamaredon Maldoc Remote Template Retrieval (GET)
   (malware.rules)
 * 2034157 - ET MALWARE Gamaredon Maldoc Remote Template Retrieval (GET)
   (malware.rules)
 * 2849844 - ETPRO PHISHING Successful US IRS Phish 2021-09-03 (phishing.rules)
 * 2849982 - ETPRO PHISHING Successful Huntington Bank Phish 2021-09-15
   (phishing.rules)







