Thursday, December 27, 2018

Snort Subscriber Rule Set Update for 12/27/2018

Just released:
Snort Subscriber Rule Set Update for 12/27/2018


We welcome the introduction of the newest rule release from Talos. In this release, we introduced 44 new rules, of which 0 are Shared Object rules, and made modifications to 51 additional rules, of which 0 are Shared Object rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions; their rules are included in the Community Ruleset:


Talos's rule release:
Talos has added and modified multiple rules in the browser-ie, file-image, file-other, file-pdf, indicator-compromise, malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users. Be sure to see our business pricing as well at https://snort.org/products#rule_subscriptions. Stay up to date to catch the latest emerging threats!

Thursday, December 20, 2018

Snort Subscriber Rule Set Update for 12/20/2018

Just released:
Snort Subscriber Rule Set Update for 12/20/2018


We welcome the introduction of the newest rule release from Talos. In this release, we introduced 4 new rules, of which 0 are Shared Object rules, and made modifications to 6 additional rules, of which 0 are Shared Object rules.

There were no changes made to the snort.conf in this release.



Talos's rule release:
Talos has added and modified multiple rules in the browser-ie rule set to provide coverage for emerging threats from these technologies.


To get Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users. Be sure to see our business pricing as well at https://snort.org/products#rule_subscriptions. Stay up to date to catch the latest emerging threats!

Wednesday, December 19, 2018

Snort rule update for Dec. 19, 2018

Just released:
Snort Subscriber Rule Set Update for Dec. 19, 2018

The newest SNORTⓇ rule set is here from Cisco Talos. In this release, we introduced 54 new rules, three of which are shared object rules. There are 10 modified rules in this release, none of which are shared object rules.

This release covers a vulnerability in Internet Explorer that Microsoft disclosed out-of-band on Wednesday. An attacker could exploit this bug to execute code in the context of the logged-in user. Microsoft saw the vulnerability being used in targeted attacks.

For more information on this bug, check out our full post on the Talos blog.

Tuesday, December 18, 2018

Snort rule update for Dec. 18, 2018

Just released:
Snort Subscriber Rule Set Update for Dec. 18, 2018

The newest SNORTⓇ rule set is here from Cisco Talos. In this release, we introduced 17 new rules, nine of which are shared object rules. There are 10 modified rules in this release, none of which are shared object rules.

This release primarily provides coverage for vulnerabilities in Adobe Acrobat Reader and Pro. Adobe disclosed 86 different bugs in its monthly security update last week.

Tuesday, December 11, 2018

Snort rule update for Dec. 11, 2018 — Microsoft Patch Tuesday

Just released:
Snort Subscriber Rule Set Update for Dec. 11, 2018

The newest SNORTⓇ rule set is here from Cisco Talos. In this release, we introduced 55 new rules, including 10 that are shared object rules. There are also three modified rules, none of which are shared object rules.

This release covers Microsoft Patch Tuesday, which included fixes for 38 vulnerabilities. You can read more about the bugs that Microsoft disclosed over at the Talos blog.

Tuesday, December 4, 2018

Snort rule update for Dec. 4, 2018

Just released:
Snort Subscriber Rule Set Update for Dec. 4, 2018

The newest SNORTⓇ rule set is here from Cisco Talos. In this release, we introduced nine new rules, five of which are shared object rules. There are no modified rules in this release.

This release provides coverage for the Zebrocy malware, which recently resurfaced in the wild, as well as a variant of the tRat malware that's being spread via malicious emails.