Thursday, June 24, 2021

Snort rule update for June 24, 2021

Cisco Talos' latest ruleset for SNORTⓇ is out now.

Today's rule update includes new rules to protect against CVE-2021-30657, a vulnerability in Mac OS Big Sur that could allow an attacker to create a malicious application that can bypass Gatekeeper checks. Apple officially disclosed and patched this vulnerability in May while acknowledging that it may have been exploited in the wild.

Here's a full breakdown of Thursday's release:

Shared object rulesModified shared object rulesNew rulesModified rules

There were no changes made to the snort.conf in this release.

Talos' rule release:

Talos has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.