Tuesday, April 7, 2020

Snort rule update for April 7, 2020

This morning, Cisco Talos released the latest rule update for SNORTⓇ.

The latest release includes 15 new rules, one modified rule and 12 new shared object rules.

Some of the new rules include new protections against two critical vulnerabilities in the popular ThemeREX WordPress plugin. There is also coverage for a pair of critical use-after-free vulnerabilities in Mozilla Firefox that have been used recently in targeted attacks.

There were no changes made to the snort.conf in this release.
Talos has added and modified multiple rules in the browser-firefox, file-identify, file-multimedia, file-pdf, malware-other, protocol-tftp, protocol-voip and server-webapp rule sets to provide coverage for emerging threats from these technologies.
Talos's rule release:

Talos has added and modified multiple rules in the browser-chrome, deleted, file-other, malware-cnc, malware-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.