Thursday, August 27, 2020

Snort rule update for Aug. 27, 2020

The newest SNORTⓇ rule set is here, courtesy of Cisco Talos.

The latest update includes 28 new rules, four modified rules and four new shared object rules.

Thursday's release includes coverage for the GoldenSpy malware, which was recently discovered hidden in tax software. There are also a few rules protecting against the recently discovered Duri campaign, which delivers malware via HTML smuggling.
There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the indicator-compromise, malware-cnc, malware-other, protocol-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos's newest rule detection functionality for as low as $29 a year with a personal account. Be sure to see our business pricing as well here. Make sure to stay up to date to catch the newest emerging threats.