Tuesday, September 18, 2018

Snort rule update for Sept. 18, 2018


Just released:
Snort Subscriber Rule Set Update for Sept. 18, 2018

The newest Snort rule update rule release was released this morning by Cisco Talos. In this release, we introduced 37 new rules, three of which are shared object rules. There are also 2,155 modified rules, none of which are shared object rules.

This release provides coverage for multiple bugs in Adobe ColdFusion and Flash Player, as well as the malware families njrat and DownloadGuide.

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the exploit-kit, file-flash, file-identify, file-image, file-java, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, malware-backdoor, malware-cnc, malware-other, netbios, os-linux, os-mobile, os-other, os-windows, policy-other, protocol-dns, protocol-ftp, protocol-icmp, protocol-imap, protocol-rpc, protocol-scada, protocol-services, protocol-snmp, protocol-tftp, protocol-voip, pua-adware, pua-toolbars, server-apache, server-iis, server-mail, server-mssql, server-mysql, server-oracle, server-other and sql rule sets to provide coverage for emerging threats from these technologies.
In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 U.S. a year for personal users. Be sure and see our business pricing as well at https://snort.org/products#rule_subscriptions. Make sure and stay up to date to catch the most emerging threats.