Snort rule update for Jan. 26, 2021
The newest SNORTⓇ rule set is available this morning, courtesy of
Cisco Talos.
Tuesday's release includes rules protecting against a multitude
of malware families, including well-known threats like Emotet and
Zbot. There is also new coverage for the ElectroRAT trojan, which
was recently spotted in the wild trying to steal money from users' cryptocurrency
wallets.
Here's a breakdown of this morning's rule release:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
| --- | --- | --- | --- |
| 12 | 2 | 40 | 1 |
There were no changes made to the snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the file-other,
malware-cnc, malware-other and server-webapp rule sets to provide
coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection
functionality for as low as $29 a year with a personal account. Be
sure to see our business pricing as well
here. The Snort 3 release is also here after years of
development and improvements. Upgrade
here.