Snort Subscriber Rules Update 2024-02-20

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Talos is releasing coverage for a Microsoft Outlook vulnerability,
CVE-2024-21413, that could allow a leak of NTLM credentials,
potentially leading to remote code execution.
Snort 2: GID 1, SID 63053,
Snort 3: GID 1, SID 63053.

Talos also has added and modified multiple rules in the file-office,
malware-cnc and policy-other rule sets to provide coverage for emerging
threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJl1RBUAAoJEMzg39Iewam/1SMP/3D1+bYpjAoEUZLrmQ2xDcYn
AVMd3XKtEDgvAiC5jG2t5Geqpcj4yqXiowgUDFdh0jq80gHoCBuinO+wSL1VMwku
NWZApNUOg4aSUL15YNuJ04vy+nOUJjAPdKzlT/1NCl43+GeGIfuwA8qD1HUksKJK
lDHKJy+6ljPpHiCLq0hnth5UCmZtRINd7Ve+dKqERb/OX5ffsLVpOLFhxJG1T252
InmIDBcnmBonrzAhKmS4vyuMD+C7a3nrltY9eaKzBIRTn3PGIT1xiW60Dn19Lx0a
o2Y4/ZiYsG7hgL1HCvYh0ybVdt/PHigW/CPh4003X1rQJrb3dFPTgqAM+YNtzK4m
uXXmKYD5ZHYLzMHZ/hDUtelX+ECAGheF/UDtCoFYc4ixVaP4a1GVyaTsZmEloVDs
VXgwCKKyfJt+p6dl9O8vQKuKhC2CgI0Fseo3I5ycSndXeVogCw+RP/fcVEJcTJuZ
kc2aHDuVtqRQDmx7LsZJTatHREfYBllwCr67gwMcxSEN5KfIq0ebv/9bNGvQMqEq
TqzvQBk8fGMx29ew1oro8JBVA6fL6eUq9U2tzkh8oPd8rggqc5sZdBtF1QpqXFPw
WR1c8X/SkpNFeCpJTLjeTxQ5wlf3/au8WMZLCnpj8TixiFfogkWcqsxJVZ7bj+KB
yc8JXOjGoFwTGqszZyqq
=mK1M
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!