Snort Blog: December 2021

Tuesday, December 14, 2021

Snort rule update for Dec. 14, 2021 — Microsoft Patch Tuesday

The latest SNORT® rule release from Cisco Talos has arrived. This new round of rules provides coverage for many of the vulnerabilities covered in Microsoft Patch Tuesday.

For more details on the vulnerabilities Microsoft disclosed this month, view all of them on Microsoft's security update page. Since our researchers are heads-down working on the Log4j vulnerability, we were not able to release a full Patch Tuesday blog post this month on the Talos site.

Here's a breakdown of this afternoon's rule release:

Shared object rules	Modified shared object rules	New rules	Modified rules
0	0	39	7

Wednesday, December 8, 2021

The newest version of Snort 3 is available now — Here are the latest updates and features

The SNORTⓇ team recently released a new version of Snort 3 on Snort.org and the Snort 3 GitHub.

Snort 3.1.18.0 contains several new features and bug fixes. Here's a complete rundown of what's new in this version. Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.

We are also excited to release a new installation guide for Snort 3 for Ubuntu 18 and 20. This guide teachers users on how to install Snort 2.1.17.0 on the aforementioned operating systems. A huge thanks to Noah Dietrich for his work on these guides as always.

Here's a rundown of all the changes and new features in this latest version of Snort 3.

Tuesday, December 7, 2021

Snort rule update for Dec. 7, 2021

The newest SNORTⓇ rule update from Cisco Talos is now available.

Tuesday's rule update includes multiple rules to protect against vulnerabilities that are being exploited in the wild. One such vulnerability is CVE-2021-44515 in the Zoho patch management software. If exploited, it could allow attackers to bypass authentication and execute arbitrary code. Snort rule 58696 detects if attackers try to upload a file as part of exploiting this vulnerability.

Here's a full breakdown of today's rule update:

Shared object rules	Modified shared object rules	New rules	Modified rules
7	0	17	353

Monday, December 6, 2021

Open-source version of Snort 2.9.19.0 available now

SNORTⓇ released its newest open-source version, 2.9.19.0, this morning.

You can download this version on Snort.org. As you may remember, version 2.9.18.0 reached its end-of-life last week, so anyone using that version should update immediately.