Thursday, September 7, 2017

Snort Subscriber Rule Set Update for 09/06/2017, Apache Struts

Just released:
Snort Subscriber Rule Set Update for 09/06/2017

We welcome the introduction of the newest rule release from Talos. In this release we introduced 19 new rules of which 0 are Shared Object rules and made modifications to 47 additional rules of which 0 are Shared Object rules.

There were no changes made to the snort.conf in this release.

Talos's rule release:
A coding deficiency exists in Apache Struts that may lead to remote
code execution.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 44315.

Talos has added and modified multiple rules in the browser-firefox,
exploit-kit, file-identify, file-office, file-other, malware-cnc,
os-linux, os-windows and server-webapp rule sets to provide coverage
for emerging threats from these technologies.

In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at Make sure and stay up to date to catch the most emerging threats!