Tuesday, November 26, 2019

Snort rule update for Nov. 26, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 22 new rules and 17 modified rules.

Included in this new rule set is coverage for a high-severity vulnerability in Apache Solr, as well as protection against the Ursnif trojan when it attempts to download malicious documents.

Thursday, November 21, 2019

Snort rule update for Nov. 21, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 25 new rules, four modified rules and seven modified shared object rules.

This set of rules protects against a remote code execution vulnerability in the MDaemon email server application, and also protects against code execution attempts in Microsoft Excel.

Tuesday, November 19, 2019

Snort rule update for Nov. 19, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 26 new rules, one modified rule and four shared object rules.

This set of rules protects against a new variant of the Dridex malware and a trojan that's posing as a fake updater.

Thursday, November 14, 2019

Snort OpenAppID Detectors have been updated

SNORT® released a new update today for the Snort OpenAppID Detector content.

This release, build 329, includes:
  • A total of 2,890 detectors.
  • Some additional detectors that came in from the open-source community. For more details on which contributions were included, see the AUTHORS file in this package, where we have added them.

The release is available now from our downloads page. We look forward to you downloading and using the new features of 2.9.15.0's OpenAppID preprocessor and sharing your experiences with the community.

The OpenAppID package is also compatible with our Snort 3.0 release.

The OpenAppID community has a mailing list specifically dedicated to the exchange and discussion of detector content. Please visit the mailing lists page to sign up.

Snort rule update for Nov. 14, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 10 new rules, five modified rules and one new shared object rule.

This set of rules protects against an information disclosure vulnerability in Google Chrome's JavaScript V8 array. There is also a rule that prevents a variant of the long-standing DomaIQ malware from making an outbound connection to its command and control server.

Tuesday, November 12, 2019

Snort rule update for Nov. 12, 2019: Microsoft Patch Tuesday

The latest SNORT® rule release from Cisco Talos has arrived. This new round of rules provides coverage for all of the vulnerabilities covered in Microsoft Patch Tuesday.

For more details on the vulnerabilities Microsoft disclosed this week, head to the Talos blog.

In all, this release includes 89 new rules, seven modified rules and three shared object rules.

Thursday, November 7, 2019

Snort rule update for Nov. 7, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 32 new rules, 19 new shared object rules and 21 modified rules.

This set of rules provides protections against high-severity vulnerabilities in Cisco WebEx, and also covers a new variant of the Agent trojan.

Tuesday, November 5, 2019

Snort rule update for Nov. 5, 2019

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 20 new rules, seven new shared object rules and 12 modified rules.

Thursday's release provides coverage for vulnerabilities in LibreNMS and Adobe Flash Player.

We would also like to highlight a release we put out over the weekend, which included protections from a critical vulnerability in Google Chrome's audio component. The bug, identified as CVE-2019-13720, could allow an attacker to completely take over a victim machine.