Cisco Talos' latest ruleset for SNORTⓇ is out now.
Today's rule update includes new rules to protect against CVE-2021-30657, a vulnerability in Mac OS Big Sur that could allow an attacker to create a malicious application that can bypass Gatekeeper checks. Apple officially disclosed and patched this vulnerability in May while acknowledging that it may have been exploited in the wild.
Here's a full breakdown of Thursday's release:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 0 | 0 | 3 | 0 |
There were no changes made to the snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.