Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Subscriber Rules Update 2021-04-13

From: Research <research () sourcefire com>
Date: Tue, 13 Apr 2021 17:31:23 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
Talos is aware of vulnerabilities affecting products from Microsoft
Corporation.

Details:
Microsoft Vulnerability CVE-2021-28310:
A coding deficiency exists in Microsoft Win32k that may lead to an
escalation of privilege.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 57403 through 57404.

Microsoft Vulnerability CVE-2021-28324:
A coding deficiency exists in Microsoft SMB that may lead to
information disclosure.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 57411.

Microsoft Vulnerability CVE-2021-28325:
A coding deficiency exists in Microsoft SMB that may lead to
information disclosure.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 57414.

Talos also has added and modified multiple rules in the malware-cnc,
os-windows and server-webapp rule sets to provide coverage for emerging
threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJgddVrAAoJEGCbAk8rPt0HuSQQAL83Ngo2FScQehSkhFhnsPIZ
Q3sFOSNABysDLc4iVOG4nNMJSR0Bikg1HqMrnFCtzNJXB9FhAzGgST+C60I7xbSe
hqg1RNWixn2cO9kWADC6pLcIRmbYmDt5s3wLstyEQclQvId75wA3WCw8RpJok/kz
uyjrMLyH68BKX65PKgwE8E0u0/TbN4HNMbbNHVAT86Xa5ab5ML456mx41bLgzJsq
4YHbT4weKADiBhsb5rkUiX00qFzJifKQKyC8hU8dk/VfHlyy77ztwM9d7UtpTxXf
E9WXuAUIliraZG1ywax/jLPBBiAK9xmaSTe1TS7umwaXAZk7hLw1D3xtpK+Ron7D
5rcil7rUNXxQ7ZmyUVH7s2ywSw1U87iwoUhXA9kyPm9YDJM6ad9F7K024a2YDSLV
tEjsRrh6vwVbiZCJeI7matGXb3ciZVO7VGNJcMgHFcq7BN+0pd8VDZBV3oeFnovg
QqnWWEqnPIUOIeMhX4GkM3zfxlRjsFkwRq8s+Y4NtKjN7zBDD504cu5ghSZjs427
LZIjXN3kcOg5vIrr2b8LWw4pXlNjyeDf+mvLh6bjwfG359sjzkN4abgDFzzWacWA
x64f+2zko3X7M4JZKLVw3IPCTaEVDJC1095mXokMHk3DCPidQzWYHx7z7Mg213Zw
5XOQbblMCFwiZCwvgL0C
=Sqdk
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: