Wednesday, February 26, 2020

Snort rule update for Feb. 26, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 82 new rules and eight modified rules.

This release primarily provides new coverage for two malware families: Zeroll and NetWire — the latter of which was recently associated with tax-theme spam campaigns and malicious IMG files.

After you're done adding the new rules today, head over to our shiny new Resources page. We've got improved documentation, as well as the new Snort 101 video series, which will teach you the basics of setting up Snort 2 and 3, and even dives a little into rule writing.
Talos has added and modified multiple rules in the browser-chrome, malware-cnc, malware-other, os-mobile, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.