Thursday, April 29, 2021

Snort rule update for April 29, 2021

Cisco Talos just released the latest SNORTⓇ rule update.

Thursday's release includes protection against the exploitation of a recently disclosed vulnerability in Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software. An adversary could exploit this vulnerability to cause a denial-of-service condition on a client's VPN connection if they're using an affected version of the Cisco Secure Client. 

Here's a breakdown of this rule release:

Shared object rulesModified shared object rulesNew rulesModified rules

There were no changes made to the snort.conf in this release.

Talos' rule release:
Talos has added and modified multiple rules in the browser-ie, file-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.