There are two rules in this package that protect against a
zero-day vulnerability in the macOS
Finder. An attacker could exploit this vulnerability by
tricking a user into opening a specially crafted email attachment
that executes arbitrary commands. Apple released an update for this
issue, but it is still exploitable, according to security
researchers.
Here's a full breakdown of Thursday's rule update:
There were no changes made
to the snort.conf in this
release.
Cisco Talos' rule release:
Talos has added and modified multiple rules in the browser-ie,
file-other, malware-cnc, malware-other, os-other, os-windows and
server-other rule sets to provide coverage for emerging threats
from these technologies.
You can subscribe to Talos' newest rule detection
functionality for as low as $29 a year with a personal account. Be
sure and see our business pricing as well here. The Snort 3 release is also here after years of
development and improvements. Upgrade here.