The newest SNORTⓇ rule update from Cisco Talos is now available.
This release includes several rules to protect against malicious PHP command shells in Ajax that are sometimes used in cyber attacks.
Here's a full breakdown of the rest of Tuesday's rule update:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
|---|---|---|---|
| 3 | 0 | 14 | 0 |
There were no changes made to the snort.conf in this release.
Cisco Talos' rule release:
Talos has added and modified multiple rules in the malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.
We would also like to give everyone a head's up that we are working to update the list of supported operating systems for Snort. As of Feb. 15, 2022, the following operating systems will no longer be supported:
- Alpine 3.10 i386
- Alpine 3.10 x64
- CentOS 6 i386
- CentOS 6 x64
- CentOS 7 i386
- CentOS 7 x64
- Debian 8 i386
- Debian 8 x64
- Debian 9 i386
- Debian 9 x64
- FC 27 x64
- FC 30 x64
- FC 31 x64
- FreeBSD 11.1 i386
- FreeBSD 11.1 x64
- FreeBSD 12.0 x64
- OpenBSD 6.2 i386
- OpenBSD 6.2 x64
- OpenBSD 6.4 i386
- OpenBSD 6.4 x64
- OpenBSD 6.5 i386
- OpenBSD 6.5 x64
- OpenSUSE LEAP 42.3 x64
- OpenSUSE LEAP 15.0 x64
- OpenSUSE LEAP 15.1 x64
- RHEL 6 i386
- RHEL 6 x64
- Ubuntu 17.10 i386
- Ubuntu 17.10 x64
- Ubuntu 19.10 x64
Please reach out to one of our mailing lists if you have any questions.