Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Subscriber Rules Update 2021-09-09

From: Research <research () sourcefire com>
Date: Thu, 9 Sep 2021 13:15:28 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Today Talos is releasing coverage to detect exploitation attempts of
Microsoft Office ActiveX control abuse, designated under
CVE-2021-40444. Coverage is being released as SIDs 58120-58129 and
native Snort 3 SID 300049. Talos may release additional coverage in the
future as the situation develops and new guidance is created. 

Talos has added and modified multiple rules in the file-office,
malware-cnc, os-windows and server-webapp rule sets to provide coverage
for emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJhOgjuAAoJEGCbAk8rPt0HOPIQAIHUpX+g6mUEoBZ0kRcVyB9m
QI9vqDYdcYYNeYzzxIBx8ZcsW6Imk7Afydkqa2sq902rz+Jkbq9wypfC0WgSYkNH
HzGtveDzFig55upamtn2qv7CYRVKyKAt85n7Dm7VDjzbxL8ubDoonKK+qmnWLVWt
QLBdvvabHLIrNrkPWPhqdunM0+eRuWP49c8CUbtSRizm+fMq8J5Kl1hHiSnAh0ng
d8/j17hpGiI+noeZ8EyXvPTJwvC1V88+jjDF1+SUP6rMuT5a8Bhf9dcG+mG0U/Mj
j/08/NnWVeEMjAmk/IFFMYLzaQv7UAzL859EZSlMk4IIW2fALWUIhs+CBW0BVryC
2RzMy4HJ69pGahJWsj6QuV5NBzU1Z+QeAzIlwhqiIfF8AJYaWGSPAji7MQtAtcjR
lVKVnc0eUjC/o3sfpr+VdSl5QGJ1TSpKVxXkP66FRWvFLWA+cG8KCMWguLBHuUvr
FW1jghfGraUcU3/+xhQEZCedaIXX9ZE3uoSDCM+2RTjXO9rAFLhBHJHLDEtV/Vym
CsO0vsCFQ5OgCdz7yXOcFTlUilkRgqwLTIudXH6HlUh299ahPYiTuTotWbhsxTHZ
AvQ+n7APcL1nqeIqbbDFDANf6ktHkBBIZ4536SwKcjEbQ1HXnMzX5ZYStZFcDkjn
0rZSyF2p5vOXZbPDoZ1S
=Sv/o
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: