Cisco Talos released a new SNORTⓇ rule set yesterday. Our apologies, as this blog post is going up a day late.
The latest update includes 14 new rules.
Thursday's release included new protections against some notable malware families, including the Delf downloader, which was recently part of a spam campaign in Spain. There are also two rules targeting the DarkSide ransomware, which recently debuted using several professional techniques to give the group a more formal appearance.
There were no changes made to the snort.conf in this release.
Talos's rule release: Talos has added and modified multiple rules in the malware-other rule sets to provide coverage for emerging threats from these technologies. You can subscribe to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here. Make sure and stay up to date to catch the most emerging threats.
