Tuesday, February 18, 2020

Snort rule update for Feb. 18, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 33 new rules, six new shared object rules and eight modified rules.

This rule update provides protection against a major new wave of malware that reportedly targeted a U.S. federal agency. Attackers are using the Syscon backdoor along with a variant of the Carrotbat malware to install malicious downloaders on victim's machines. New rules 53129 - 53144 perform various actions to prevent this malware from infecting victims and downloading any additional payloads.

Talos has added and modified multiple rules in the browser-chrome, browser-ie, browser-plugins, browser-webkit, file-pdf, malware-cnc, malware-other, malware-tools, protocol-scada and server-webapp rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.