ET PHISHING Successful Zoom.us Phish 2021-10-25

7.0.35.0SID: 2034245Rev: 3Enabled1 views
Sourceet/open
Fileemerging-phishing.rules
CreatedOctober 25, 2021
UpdatedMarch 26, 2024
Classificationcredential-theft
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING Successful Zoom.us Phish 2021-10-25"; flow:established,to_client; flowbits:isset,ET.genericphish; http.stat_code; content:"302"; http.location; bsize:22; content:"https://static.zoom.us"; fast_pattern; reference:md5,eb5994afdc8da491c862867784956a5b; classtype:credential-theft; sid:2034245; rev:3; metadata:attack_target Client_Endpoint, created_at 2021_10_25, deployment Perimeter, confidence High, signature_severity Critical, tag Phishing, updated_at 2024_03_26, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1566, mitre_technique_name Phishing;)

References

md5
eb5994afdc8da491c862867784956a5b

Metadata

attack targetClient_Endpoint
created at2021_10_25
deploymentPerimeter
confidenceHigh
signature severityCritical
tagPhishing
updated at2024_03_26
mitre tactic idTA0001
mitre tactic nameInitial_Access
mitre technique idT1566
mitre technique namePhishing

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!