Cisco Talos just released the newest SNORTⓇ rule update.
This set of rules includes a bunch of new protection against a critical bug in the Cisco Security Manager software that could allow a remote attacker without credentials to execute arbitrary code on the victim's device. The latest Security Manager update also patches these exploits. There are two other high-severity vulnerabilities Cisco also disclosed this week.
|Shared object rules||Modified shared object rules||New rules||Modified rules|
snort.confin this release.
Talos's rule release:
Talos has added and modified multiple rules in the browser-webkit, file-image, file-office, indicator-shellcode, malware-backdoor, malware-cnc, malware-other, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.