Cisco Talos released the newest SNORTⓇ rule set this morning.
This release includes eight new rules, four new shared object rules, two modified shared object rules and 20 modified rules.
Tuesday's release includes new rules protecting against a vulnerability in the WordPress Nexos plugin, along with a rule to prevent the Uppercut malware from downloading its payload.
We are excited to release a new guide on the Snort Resources page today to assist users with installing Snort 3.0.3 on CentOS.
By John Levy.
Snort 3 introduces many improvements to simplify rule-writing and increase rule syntax consistency, while at the same time increasing detection robustness and granularity. Converting Snort 2 rules to Snort 3 is a painless process, and this document, while not an exhaustive guide, walks users through some of the more fundamental and significant changes users will need to make to update their custom rules for Snort 3 compatibility.
Cisco Talos released the newest SNORTⓇ rule set this afternoon.
This release includes 14 new rules, 14 new shared object rules and 51 modified rules.
Thursday's release includes new protection against the Mekotio banking trojan, which disguises itself in a pop-up window. There is also coverage for several vulnerabilities Cisco disclosed in its IOS operating system today.
By Jon Munshaw.
We are thrilled to announce that Snort 3 is out of beta with the release candidate for Snort 3.0.3. Snort 3.1.0 general availability will be available in roughly a month.
Snort 3 has been in beta for several months now, and we would like to thank all the users who’ve provided us feedback during that period that we’ve used to polish this product.
By Steve Chew.
Snort 3 includes native support for Hyperscan pattern matching. Hyperscan is an open-source, high-performance, regular expression-matching library from Intel that runs on x86 platforms. It supports a large subset of the PCRE syntax and takes advantage of the Intel SIMD instructions. However, it is not yet available for ARM processors.
Hyperscan provides a significant boost for Snort 3's IPS fast pattern matching when compared to the other available search engines. Hyperscan is up to two times faster than the ac_full engine and three times faster than ac_bfna. Snort 3 will see the most benefit from Hyperscan when using a large ruleset and when doing deep flow inspection.
The Snort community welcomes a new version of PulledPork on GitHub today.
Version 0.7.4 now supports Snort 3 and points to the new, correct, location of the IP blocklist. PulledPork is a Perl script that allows users to download new rules as soon as new vulnerabilities or exploits are discovered.
Here are some of the other changes in this version:
Cisco Talos released the newest SNORTⓇ rule set this morning.
This release includes 43 new rules, three modified rules and two new shared object rules.
Thursday's release includes new protection against the Nitol backdoor, the Zeus (aka Zbot) trojan and more.
The newest SNORTⓇ ruleset is out this morning, courtesy of Cisco Talos.
The latest update is a big one. We've got 418 new rules, three modified rules and six new shared object rules.
Tuesday's release is packed with new rules to protect against a variety of malware families, including Zeus (aka Zbot), DarkKomet and Gh0stRAT. There is also new coverage for vulnerabilities in the Pulse VPN service. The U.S. Cybersecurity and Infrastructure Security Agency released a warning this week saying that state-sponsored actors are exploiting some previously disclosed vulnerabilities.
Cisco Talos released a new SNORTⓇ rule set yesterday. Our apologies, as this blog post is going up a day late.
The latest update includes 14 new rules.
Thursday's release included new protections against some notable malware families, including the Delf downloader, which was recently part of a spam campaign in Spain. There are also two rules targeting the DarkSide ransomware, which recently debuted using several professional techniques to give the group a more formal appearance.
The latest SNORT® rule release from Cisco Talos has arrived. This new round of rules provides coverage for all of the vulnerabilities covered in Microsoft Patch Tuesday.
Cisco Talos released a new SNORTⓇ rule set this afternoon.
The latest update includes 108 new rules and six new shared object rules.
Thursday's release deals mainly with malware. There are dozens of rules protecting against a variety of malware families, including Zusy, the Trickbot trojan and the infamous Emotet botnet.
This morning, Cisco Talos released a new SNORTⓇ rule set.
The latest update includes 19 new rules and two new shared object rules.