The newest SNORTⓇ rule update is available this morning from Cisco Talos.
Our rule release includes detection content for several different malware families, including the AndroSpy backdoor and Quasar RAT, a .NET-based malware used by a variety of attackers.
Here's a full breakdown of the rest of Tuesday's rule update:
|Shared object rules||Modified shared object rules||New rules||Modified rules|
There were no changes made
snort.conf in this
Cisco Talos' rule release:
Talos has added and modified multiple rules in the file-office, file-pdf, malware-cnc and server-webapp rule sets to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. The Snort 3 release is also here after years of development and improvements. Upgrade here.