Friday, November 9, 2018

Critical Snort rule update for Adobe ColdFusion

Just released:
Snort Subscriber Rule Set Update for Nov. 9, 2018

Cisco Talos just released a critical SNORTⓇ rule release2. that provides coverage for a vulnerability in Adobe ColdFusion. Attackers are targeting unpatched versions of the web development platform by exploiting CVE-2018-15961.

Known as an "unauthenticated file upload," this bug allows the attackers to upload a backdoor and completely take over the infected system, likely preparing for a future attack. The new Snort rule, 48359, will protect against this file upload.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.