The newest rule update for SNORTⓇ is here, courtesy of Cisco Talos.
Thursday's release includes multiple rules to protect against the exploitation of a vulnerability recently identified in the VMware virtual machine software. VMware disclosed the vulnerability this week, warning an attacker could exploit it to execute shell commands on the underlying system.
Here's a breakdown of today's rule release:
|Shared object rules||Modified shared object rules||New rules||Modified rules|
snort.confin this release.
Talos' rule release:
Talos has added and modified multiple rules in the browser-firefox, file-executable, file-image, malware-cnc, os-other, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.