Tuesday, November 17, 2020

Snort rule update for Nov. 17, 2020

Cisco Talos just released the newest SNORTⓇ rule update

This set of rules includes a bunch of new protection against a critical bug in the Cisco Security Manager software that could allow a remote attacker without credentials to execute arbitrary code on the victim's device. The latest Security Manager update also patches these exploits. There are two other high-severity vulnerabilities Cisco also disclosed this week.

Here's a breakdown of this afternoon's rule release:

Shared object rules Modified shared object rules New rules Modified rules
8 0 88 2

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the browser-webkit, file-image, file-office, indicator-shellcode, malware-backdoor, malware-cnc, malware-other, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.