Tuesday, May 18, 2021

Snort rule update for May 18, 2021

Cisco Talos released the newest rule set for SNORTⓇ Tuesday morning.

This update includes a new rule to protect against the IcedID banking trojan by preventing the malware from making an outbound connection to its command and control (C2). 

Here's a breakdown of today's rule release:

Shared object rulesModified shared object rulesNew rulesModified rules
1   51317

There were no changes made to the snort.conf in this release.

Talos' rule release:
Talos has added and modified multiple rules in the browser-ie, file-java, file-other, malware-cnc, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.