Tuesday, June 25, 2019

Snort rule update for June 25, 2019

Just released:
Snort Subscriber Rule Set Update for June 19, 2019

Cisco Talos released the latest SNORTⓇ rule set this morning. This release includes five new rules, two shared object rules and two modified rules.

This release provides protection from a recent Netwire variant spotted in the wild. Attackers have been delivering the malware through a zero-day vulnerability in the Mozilla Firefox web browser. Rules 50498 and 50500 prevent Netwire from downloading its final payload.

There were no changes made to the snort.conf in this release.

Thursday, June 20, 2019

Snort rule update for June 19, 2019

Just released:
Snort Subscriber Rule Set Update for June 19, 2019

Cisco Talos released the latest SNORTⓇ rule set overnight. This release includes 24 new rules, 10 of which are shared object rules. There are also four modified rules, two of which are shared object rules.

This release provides coverage for several vulnerabilities Cisco recently disclosed in its Prime Service Catalog and some RV routers. Several different models of RV routers contain bugs in their web-based interface that could allow malicious actors to carry out denial-of-service attacks.

There were no changes made to the snort.conf in this release.

Tuesday, June 18, 2019

Snort rule update for June 18, 2019

Just released:
Snort Subscriber Rule Set Update for June 18, 2019

Cisco Talos released the latest SNORTⓇ rule set today. This release includes 12 new rules and 10 modified, none of which are shared object rules.

This release provides protection against the new HiddenWasp malware, which has been spotted in the wild targeting Linux systems. This attack shares similarities with other, previous Linux malware. Researchers believe some of the code may have even copy and pasted from other actors.

There were no changes made to the snort.conf in this release.

Thursday, June 6, 2019

Snort rule update for June 6, 2019

Just released:
Snort Subscriber Rule Set Update for June 6, 2019

Cisco Talos released the latest SNORTⓇ rule set today. This release includes 46 new rules, two of which are shared object rules. There are no modified rules in this release.

In this release, we have new protections for a series of serious vulnerabilities in the Kace K1000 systems management appliance from Quest, as well as bugs in VMware.

There were no changes made to the snort.conf in this release.

Tuesday, June 4, 2019

Snort rule update for June 4, 2019

Just released:
Snort Subscriber Rule Set Update for June 4, 2019

Cisco Talos released the latest SNORTⓇ rule set today. This release includes 19 new rules, two of which are shared object rules. There are also two modified shared object rules.

This release provides coverage for a vulnerability in a popular WordPress plugin that's being exploited in the wild by attackers to inject malicious JavaScript into sites. There's also protection against a recently patched bug in Apple WebKit.

There were no changes made to the snort.conf in this release.