Tuesday, April 30, 2019

Snort rule update for April 30, 2019

Just released:
Snort Subscriber Rule Set Update for April 30, 2019

Cisco Talos just released the newest SNORT® rule set. This release includes 34 new rules, four of which are shared object rules. There are also seven modified rules, one of which is a shared object rules.

This release provides protection from attackers exploiting a zero-day vulnerability in Oracle WebLogic servers. Attackers are exploiting this bug to deliver a new ransomware called "Sodinokibi."

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the browser-ie, file-image, file-other, file-pdf, malware-cnc, malware-other, netbios, os-windows, policy-other, server-oracle and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.