Cisco Talos released the latest SNORT® rule update Tuesday morning.
Today's release includes several new rules to protect against attacks from the LemonDuck threat group. Talos first discovered LemonDuck spreading cryptocurrency miners, but it has now shifted to targeting vulnerable Microsoft Exchange Servers to deploy ransomware.
Here's a breakdown of Tuesday's rule release:
|Shared object rules||Modified shared object rules||New rules||Modified rules|
subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.