Snort mailing list archives
Snort Subscriber Rules Update 2023-01-10
From: Research <research () sourcefire com>
Date: Tue, 10 Jan 2023 18:59:17 GMT
Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Details:
Microsoft Vulnerability CVE-2023-21552:
A coding deficiency exists in Microsoft Windows GDI that may lead to elevation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with:
Snort 2: GID 1, SIDs 61060 through 61061,
Snort 2: GID 1, SID 300358.

Microsoft Vulnerability CVE-2023-21674:
A coding deficiency exists in Microsoft Windows Advanced Local Procedure Call (ALPC) that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with:
Snort 2: GID 1, SIDs 61062 through 61063,
Snort 3: GID 1, SID 300359.

Microsoft Vulnerability CVE-2023-21768:
A coding deficiency exists in Microsoft Windows Ancillary Function Driver for WinSock that may lead to an escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in this release and are identified with:
Snort 2: GID 1, SIDs 61064 through 61065,
Snort 3: GID 1, SID 300360.

Talos also has added and modified multiple rules in the malware-cnc, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:
https://www.snort.org/advisories