Tuesday, September 17, 2019

Snort OpenAppID Detectors have been updated

An update has been released today for the Snort OpenAppID Detector content.

This release, build 326, includes:
  • A total of 2,880 detectors.
  • Additional detectors contributed by the open source community. The contributions that were included are listed in the AUTHORS file in this package.

The release is available now from our downloads page. We look forward to you downloading and using the new features of 2.9.14.1's OpenAppID preprocessor and sharing your experiences with the community.

The OpenAppID package is also compatible with our Snort 3.0 release.

The OpenAppID community has a mailing list specifically dedicated to the exchange and discussion of detector content. Please visit the mailing lists page to sign up.

Snort rule update for Sept. 17, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

This release contains 22 new rules and 20 modified ones.

Tuesday's release provides coverage for several different malware variants. Several new rules prevent these samples from making outbound connections to their command and control (C2) servers.

Tuesday, September 10, 2019

Snort rule update for Sept. 10, 2019: Microsoft Patch Tuesday

Cisco Talos just released the latest SNORT® rule update. This new round of rules provides coverage for all of the vulnerabilities covered in Microsoft Patch Tuesday.

For more details on the 85 vulnerabilities Microsoft disclosed this week, head to the Talos blog.

In all, this release includes 45 new rules, 53 modified rules and four new shared object rules.

Thursday, September 5, 2019

Reminder: New shared object rule builds now available

Just a reminder that, as we wrote back in August, there are new shared object rule builds available as of this week's builds.

Snort rule update for Sept. 5, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

This release contains 29 new rules, 12 modified rules, one new shared object rule and two shared object rules.

Thursday's release provides coverage for vulnerabilities in several different web browsers, including Microsoft Edge and Internet Explorer, Safari and Google Chrome.