Cisco Talos' latest ruleset for SNORTⓇ is out now.
Today's rule update includes new rules to protect against CVE-2021-30657, a vulnerability in Mac OS Big Sur that could allow an attacker to create a malicious application that can bypass Gatekeeper checks. Apple officially disclosed and patched this vulnerability in May while acknowledging that it may have been exploited in the wild.
Here's a full breakdown of Thursday's release:
|Shared object rules||Modified shared object rules||New rules||Modified rules|
There were no changes made to the
snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.