Tuesday, March 3, 2020

Snort rule update for March 3, 2020

Cisco Talos just released the latest SNORT® rule update for all users. Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected.

Today's release contains nine new rules and two modified rules.

This latest update primarily supplies new rules to protect against the newly discovered Mozart malware. The backdoor uses DNS to communicate with its creators and evade detection. Rules 53364 - 53373 prevent Mozart from connecting to a command and control server and downloading malicious PDFs.
Talos has added and modified multiple rules in the file-flash, malware-cnc, malware-other and server-other rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.