Cisco Talos released the newest SNORTⓇ ruleset this morning.
Thursday's rule update includes multiple protections against the exploitation of a critical, pre-authentication remote code execution vulnerability in ForgeRock’s Access Management. The vulnerability is patched, but attackers are still targeting vulnerable devices.
Here's a full breakdown of today's release:
|Shared object rules||Modified shared object rules||New rules||Modified rules|
There were no changes made to the
snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the browser-ie and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.