Friday, July 29, 2016

Snort++ Update

Pushed build 204 to GitHub (snortadmin/snort3):

  • fixed issue with icmp_seq and icmp_id field matching
  • fixed off-by-1 line number in rule parsing errors
  • fix cmake make check issue with new_http_inspect
  • added new_http_inspect unbounded POST alert

Thursday, July 28, 2016

Snort Subscriber Rule Set Update for 07/28/2016

Just released:
Snort Subscriber Rule Set Update for 07/28/2016

We welcome the introduction of the newest rule release from Talos. In this release we introduced 10 new rules and made modifications to 14 additional rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:

rmkml
39737

Avery Tarasov
39738

Yaser Mansour
39705



Talos's rule release:
Talos has added and modified multiple rules in the blacklist, file-executable, file-other, malware-backdoor, malware-cnc, malware-other, pua-adware and sql rule sets to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as low as US $29 a year for personal users. Be sure to see our business pricing as well at https://www.snort.org/products. Stay up to date to catch the latest emerging threats!

Wednesday, July 27, 2016

Snort Subscriber Rule Set Update for 07/26/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 23 new rules and made modifications to 5 additional rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:

Yaser Mansour
37929


Talos's rule release:
Talos has added and modified multiple rules in the blacklist, file-flash, file-image, file-pdf, indicator-compromise, malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.



Friday, July 22, 2016

Snort++ Update

Pushed build 203 to GitHub (snortadmin/snort3):

  • add oversize directory alert to new_http_inspect
  • add appid counts for mdns, timbuktu, battlefield, bgp, and netbios services
  • continue smb port - write and close command, deprecated dialect check, smb fingerprint
  • fix outstanding strndup calls


Snort Subscriber Rule Set Update for 07/21/2016

Just released:
Snort Subscriber Rule Set Update for 07/21/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 36 new rules and made modifications to 9 additional rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:

Yaser Mansour
39705



Talos's rule release:
Talos has added and modified multiple rules in the blacklist, browser-ie, browser-other, exploit-kit, file-flash, file-image, file-other, file-pdf, malware-cnc, pua-adware and server-webapp rule sets to provide coverage for emerging threats from these technologies.



Tuesday, July 19, 2016

Snort Subscriber Rule Set Update for 07/19/2016

Just released:
Snort Subscriber Rule Set Update for 07/19/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 41 new rules and made modifications to 7 additional rules.

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the blacklist, exploit-kit, file-flash, file-image, file-other, file-pdf, malware-cnc, malware-other, malware-tools and server-webapp rule sets to provide coverage for emerging threats from these technologies.



Saturday, July 16, 2016

Snort Subscriber Rule Set Update for 07/14/2016

Just released:
Snort Subscriber Rule Set Update for 07/14/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 63 new rules and made modifications to 8 additional rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:

Yaser Mansour
39573
39574
39575
39576
39577
39578
39579
39580
39581
39582
39583


Talos's rule release:
Talos has added and modified multiple rules in the exploit-kit, file-flash, file-image, file-multimedia, malware-cnc, pua-adware and server-webapp rule sets to provide coverage for emerging threats from these technologies.

