Tuesday, January 25, 2022

Snort rule update for Jan. 25, 2022 — And an update to our supported operating systems

The newest SNORT® rule update from Cisco Talos is now available.

This release includes several rules to protect against malicious PHP command shells in Ajax that are sometimes used in cyber attacks. 

Here's a full breakdown of the rest of Tuesday's rule update:

Shared object rules | Modified shared object rules | New rules | Modified rules
0140

Thursday, January 13, 2022

Snort rule update for Jan. 13, 2022

The newest SNORT® rule update from Cisco Talos is now available.

Thursday morning's rule release includes new protections against the exploitation of a Log4Shell-like vulnerability recently discovered in the popular H2 Java SQL database. Although the paths to exploiting this vulnerability are similar to the recent Log4j issue, the scope of execution is less broad.

Here's a full breakdown of the rest of today's rule update:

Shared object rules | Modified shared object rules | New rules | Modified rules
022

Wednesday, January 12, 2022

Snort 3.1.20.0 available for download now

The SNORT® team recently released a new version of Snort 3 on Snort.org and the Snort 3 GitHub.

Snort 3.1.20.0 contains several new features and bug fixes. Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.

Here's a rundown of all the changes and new features in this latest version of Snort 3.

Snort rule update for Jan. 11, 2022 — Microsoft Patch Tuesday

Cisco Talos released a new SNORT® ruleset Tuesday evening, providing coverage for many of the vulnerabilities covered in Microsoft Patch Tuesday.

For more details on the vulnerabilities Microsoft disclosed this month, view all of them on Microsoft's security update page. You can also read our breakdown of the most notable vulnerabilities on the Talos blog.

Here's a breakdown of Tuesday's rule release:

Shared object rules | Modified shared object rules | New rules | Modified rules
00229