Tuesday, March 25, 2014

Sourcefire VRT Certified Snort Rules Update for 03/25/2014

Just released:
Sourcefire VRT Certified Snort Rules Update for 03/25/2014

We welcome the introduction of the newest rule release from the VRT. In this release we introduced 18 new rules and made modifications to 60 additional rules.

There were no changes made to the snort.conf in this release.

In VRT's rule release:
Microsoft Security Bulletin 2953095: A coding deficiency in Microsoft Word could lead to remote code execution. Previously released rules will detect attacks targeting this vulnerability and have been updated with the appropriate reference information. They are included in this release and are identified with GID 1, SIDs 24974 through 24975. 
The Sourcefire VRT has also added and modified multiple rules in the bad-traffic, blacklist, browser-chrome, browser-ie, chat, dos, exploit, exploit-kit, file-office, file-other, file-pdf, indicator-obfuscation, malware-backdoor, malware-cnc, multimedia, netbios, pua-adware, server-other, server-webapp, smtp and web-client rule sets to provide coverage for emerging threats from these technologies.

In order to subscribe now to the VRT's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at http://www.snort.org/store. Make sure and stay up to date to catch the most emerging threats!