Thursday, September 20, 2018

Snort rule update for Sept. 20, 2018

Just released:
Snort Subscriber Rule Set Update for Sept. 20, 2018

Tonight, Cisco Talos has released the latest SNORTⓇ rule update. In this release, we introduced 20 new rules, two of which are shared object rules. There are also four modified rules, none of which are shared object rules.

This release protects against a variety of malware, including the newly discovered Xbash malware, which combines the features of a cryptocurrency miner and ransomware. We also have coverage for three vulnerabilities in Cisco's Webex software that could allow an attacker to execute arbitrary code on a victim machine.

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the deleted, file-image, file-other, malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 U.S. a year for personal users. Be sure and see our business pricing as well at https://snort.org/products#rule_subscriptions. Make sure and stay up to date to catch the most emerging threats.