Tuesday, July 6, 2021

Snort rule update for July 6, 2021 — Coverage for Kaseya supply chain attack

Cisco Talos released a new SNORTⓇ ruleset today, including a rule to protect against exploitation of the widespread Kaseya vulnerability. For more on this attack, head to the Talos blog.

Here's a full breakdown of Tuesday's release:

Shared object rulesModified shared object rulesNew rulesModified rules

There were no changes made to the snort.conf in this release.

Talos' rule release:

Talos has added and modified multiple rules in the indicator-compromise, malware-cnc, os-windows and server-other rule sets to provide coverage for emerging threats from these technologies.

You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.