Tuesday, September 1, 2020

Snort rule update for Sept. 1, 2020

This morning, Cisco Talos released a new SNORTⓇ rule set

The latest update includes 19 new rules and two new shared object rules.

Tuesday's release provides multiple new rules defending against the Lockbit ransomware. The ransomware-as-a-service was most recently spotted targeting users with COVID-19-themed lures

There were no changes made to the snort.conf in this release.

Talos's rule release: 
Talos has added and modified multiple rules in the file-other, malware-other, malware-tools and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.