Snort rule update for June 10, 2021
SNORTⓇ's latest rule release is here, courtesy of Cisco
Talos.
Thursday's rule release includes several new rules to defend
against the DarkSide ransomware. These rules will specifically
detect any usage of a custom command and control framework the
ransomware's been known to utilize.
Here's a full breakdown of this release:
| Shared object rules | Modified shared object rules | New rules | Modified rules |
| --- | --- | --- | --- |
| 14 | 0 | 8 | 0 |
There were no changes made to the snort.conf in this release.
Talos' rule release:
Talos has added and modified multiple rules in the malware-cnc,
malware-other, os-other, policy-other and server-webapp rule sets
to provide coverage for emerging threats from these technologies.
You can subscribe to Talos' newest rule detection functionality
for as low as $29 a year with a personal account. Be sure to see
our business pricing as well here. The Snort 3 release is also
here after years of development and improvements. Upgrade here.