Snort rule update for Feb. 18, 2021

The newest rule update for SNORTⓇ is here, courtesy of Cisco Talos. 

Thursday's release includes multiple rules to protect against the exploitation of a vulnerability recently identified in the VMware virtual machine software. VMware disclosed the vulnerability this week, warning an attacker could exploit it to execute shell commands on the underlying system.

Here's a breakdown of today's rule release:

Shared object rules	Modified shared object rules	New rules	Modified rules
6	1	12	3

There were no changes made to the snort.conf in this release.

Talos' rule release:

Talos has added and modified multiple rules in the browser-firefox, file-executable, file-image, malware-cnc, os-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.