The newest SNORT® ruleset is out this morning, courtesy of Cisco Talos.
The latest update is a big one. We've got 418 new rules, three modified rules and six new shared object rules.
Tuesday's release is packed with new rules to protect against a variety of malware families, including Zeus (aka Zbot), DarkKomet and Gh0stRAT. There is also new coverage for vulnerabilities in the Pulse VPN service. The U.S. Cybersecurity and Infrastructure Security Agency released a warning this week saying that state-sponsored actors are exploiting some previously disclosed vulnerabilities.
Talos has added and modified multiple rules in the file-other, indicator-scan, malware-cnc and server-webapp rule sets to provide coverage for emerging threats from these technologies.