Cisco Talos released the newest rule set for SNORTⓇ Tuesday morning.
This update includes a new rule to protect against the IcedID banking trojan by preventing the malware from making an outbound connection to its command and control (C2) server.
Here's a breakdown of today's rule release:
|Shared object rules
|Modified shared object rules
snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the browser-ie, file-java, file-other, malware-cnc, policy-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.