The SNORTⓇ team recently released a new version of Snort 3 on Snort.org and the Snort 3 GitHub.
Snort 3.1.13.0 contains several new features and bug fixes. Here's a complete rundown of what's new in this version. Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.A new SNORTⓇ rule update is out this morning.
There are two rules in this package that protect against a zero-day vulnerability in the macOS Finder. An attacker could exploit this vulnerability by tricking a user into opening a specially crafted email attachment that executes arbitrary commands. Apple released an update for this issue, but it is still exploitable, according to security researchers.
Here's a full breakdown of Thursday's rule update:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 6 | 1 | 20 | 1 |
Cisco Talos released the latest rule update for SNORTⓇ Tuesday morning.
We neglected to post about this Thursday, but there was also another rule update that Talos released late last week.
Here's a full breakdown of today's rule update:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 0 | 1 | 14 | 1 |
The latest SNORT® rule release from Cisco Talos has arrived. This new round of rules provides coverage for many of the vulnerabilities covered in Microsoft Patch Tuesday.
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 2 | 0 | 17 | 4 |
The SNORTⓇ team recently released a new version of Snort 3 on Snort.org and the Snort 3 GitHub.
Snort 3.1.12.0 contains several new features and bug fixes. Here's a complete rundown of what's new in this version. Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.The latest SNORT rule update is available this morning, including new coverage for the recently disclosed zero-day vulnerability in Microsoft MSHTML.
Users are encouraged to deploy SIDs 58120 – 58129 to detect and prevent the exploitation of CVE-2021-40444, which Microsoft disclosed earlier this week. If an adversary were to successfully exploit this vulnerability, they could remotely execute code on the victim machine or gain complete control. The Microsoft advisory also stated that proof-of-concept code for this vulnerability is available in the wild.
Here's a full breakdown of this rule update:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 1 | 0 | 19 | 2 |
This is the notification that SNORTⓇ 2.9.18.0 will reach its End of Life (EOL) on Nov. 30, 2021. In accordance with our EOL policy, and reminders we've posted in the past, we are now giving users a 90-day warning.
Earlier this week, we released version 2.9.18.1, so users should upgrade to that as soon as possible. Alternatively, users can also upgrade to the latest version of Snort 3. For more on the benefits of Snort 3, click here.
Cisco Talos released the latest rule update for SNORTⓇ Thursday.
This release includes new protection against a critical vulnerability Cisco recently disclosed in its NFVIS software. There is a publicly available proof-of-concept exploit available for this vulnerability that could allow an attacker to bypass authentication and log in to a vulnerable device as an admin.
Here's a full breakdown of this rule update:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 6 | 0 | 18 | 0 |
We released the latest version of Snort 2.9, SNORTⓇ version 2.9.18.1, this afternoon.
This version is a very small update that fixes a possible memory corruption issue in the SMB preprocessor. If you haven't already, we also encourage users to upgrade to Snort 3, which includes a new rule parser and rule syntax, support for multiple packet-processing threads, and much more.
Here's a rundown of what's new in 2.9.18.1:
SNORTⓇ released a new update today for its OpenAppID Detector content.
