Snort Subscriber Rules Update 2021-07-26

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Today Talos is releasing coverage to detect exploitation attempts of
NTLM Relay Attacks on Active Directory Certificate Services AKA
SeriousSAM. Coverage is being released as SIDs 57965-57966.

Talos has added and modified multiple rules in the exploit-kit,
malware-cnc, os-other, os-windows, policy-other and server-webapp rule
sets to provide coverage for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJg/z0kAAoJEGCbAk8rPt0Hd9UQAKy0hb/5p6i+O+HjRDjNJg3K
4IrKULJ9YJMBF2IrmKdLzwdee1dN88ShEH2MYbrso9deRrdYMgXJ8fUa2GeKCKzL
pQ6oVO6uqE4JpfLZkSKz/ehQNfIKlYpqScukCJuW66qRAxTZx4ffCqlrZUmZRQ/d
aYcNdTEWZaNZ+4GG3I3sC+ThkarvCNw7VC9dovSH4yV2I7chU2NK0d54X1me+3hn
q8OtkBNOEEyYyYvZhb84+v5ZU/P4jAFsJ9lMxsugXoEakxwQrvPP80Yc+2YF/w/A
lfqsAw8ZyxEHVPZxWPORMgNa1mTnakjy/l8pmiIfv440ZLyUUSnUp2BafCAIdSCs
p70wQI/7xzQ26+oQvBpwLC2zYAgNsnmNNi37LquNXGmGY1lGOim2HK30qlYKn+8/
+MX0m1I2ggcyJliubsJYLc14EZHMRI6dnLGQdq6MnS5mUomCkLyH+3SmaYMXhY6h
ggfRYF3q9mASse9KgaujdEbhZPhHv2/kifqR1ev25IZcwr7MZEqWEgbgffsj/ygo
PU0R/Sou/+Jz5gvV4uDEayuf8hmsOULFbJr4c9pzxwaZEk0xAqRQ3aqpDHltkU00
XwxnAxeP7UFBF4eSclX015ymZCIX/Pp2pH+4rvvcP7KvOi3khDUIKnhDbte7CAah
P8+OkTQxbT26/8oOUMa1
=FiSK
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!