Thursday, November 19, 2020

Snort rule update for Nov. 19, 2020

A new rule update is out this morning for SNORTⓇ.

Cisco Talos' newest release includes new rules for the Cisco Integrated Management Controller that protect against a recently disclosed critical vulnerability. There are also new rules protecting against the exploitation of a different critical bug in Cisco's IoT Field Network Director that could allow an adversary to access the back-end database of the affected device and read, alter or drop information.

Here's a breakdown of this morning's rule release:

Shared object rules Modified shared object rules New rules Modified rules
11 5 18 1

There were no changes made to the snort.conf in this release.

Talos's rule release:
Talos has added and modified multiple rules in the browser-chrome, exploit-kit, file-image, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.