Tuesday, February 4, 2020

Snort rule update for Feb. 4, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains 14 new rules, 12 modified rules, 15 new shared object rules and two modified shared object rules.

This rule update provides protection against two major malware families recently discovered. Rules 53026 - 53030 provide coverage for the NetWire RAT, which disguises itself as a fake email from a legitimate business. 53023 - 53025 also covers a variant of the Ako ransomware.

Talos has added and modified multiple rules in the app-detect, file-image, file-office, file-other, malware-backdoor, malware-cnc, malware-other, policy-other, server-other and sql rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.