Cisco Talos released the newest SNORTⓇ ruleset this morning.
Tuesday's rule update includes new rules to protect against the "Victory" backdoor recently being used by a state-sponsored APT as part of a surveillance operation. There are also new rules associated with the same attack that block an RTF file the attackers use with the RoyalRoad weaponizer.
Talos also released coverage for a recently disclosed vulnerability in Cisco's Adaptive Security Appliance that is being exploited in the wild.
Here's a full breakdown of today's release:
|Shared object rules
|Modified shared object rules