Wednesday, January 22, 2020

Snort rule update for Jan. 22, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains seven new rules, six modified rules and 16 new shared object rules.

This rule update primarily covers a series of vulnerabilities Cisco disclosed in several of its products, including Firepower Management Center, Smart Software Manager and the IOS XR software.

Area Under Construction: Snort documentation is getting a facelift


By Kri Dontje.

Changes will be popping up all over Snort.org to bring better support to every aspect of the Snort user experience. What sort of new things are coming?

  • Added context information and a new look for Snort rule documentation.
  • Reorganized and updated documentation.
  • Elasticsearch.
  • A surprise of the multi-media variety!

As these changes go into effect, Snort.org may experience growing pains. In particular, the search function will be limited for a few days during the change-over. Pardon the inconvenience over the next week or so while we change the Elasticsearch indexes.

After our updates are complete, we’ll keep you posted about the new features and go over where to find them.

Thursday, January 16, 2020

Snort rule update for Jan. 16, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 12 new rules, two modified shared object rules and 103 modified rules.

The latest rule update provides new coverage for several different malware families, including Whiteshadow, the Remcos botnet and a variant of the AgentTesla malware.

Tuesday, January 14, 2020

Snort rule update for Jan. 14, 2020: Microsoft Patch Tuesday

The latest SNORT® rule release from Cisco Talos has arrived. This new round of rules provides coverage for all of the vulnerabilities covered in Microsoft Patch Tuesday.

For more details on the vulnerabilities Microsoft disclosed this week, head to the Talos blog.

In all, this release includes 22 new rules and five modified rules.

Thursday, January 9, 2020

Snort rule update for Jan. 9, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 26 new rules, six modified rules and five new shared object rules.

The latest rule update provides several new protections against the ZeroCleare malware, a data-wiping attack recently deployed on an oil refinery in the Middle East. There is also new coverage for a variant of the Mirai botnet.

Tuesday, January 7, 2020

Snort rule update for Jan. 7, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains two new rules, both of which provide protection against the Xpert remote access tool.

Monday, January 6, 2020

Snort 2.9.15.1 has been released

We just released Snort minor bug update, version 2.9.15.1.  Take a look at the release notes below for more information:

2019-12-15 - Snort 2.9.15.1

New Additions
  • Added support for glibc version 2.30.
Improvements/Fix
  • Fixed Snort core seen during SSL re-configuration.
  • Fixed file access issues on files from SMB share.
Special thanks for this release go out to David Binderman for the reporting of an issue.

As always, feedback on this release and any other release may be sent to the Snort mailing lists.

You may download this latest version of Snort from our downloads site.