Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort Subscriber Rules Update 2020-04-16

From: Research <research () sourcefire com>
Date: Thu, 16 Apr 2020 20:49:26 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Cisco Talos has discovered a new malware campaign based on a previously
unknown family we're calling "PoetRAT." At this time, we do not believe
this attack is associated with an already known threat actor.
https://blog.talosintelligence.com/2020/04/poetrat-covid-19-lures.html.
Snort rules 53689-53691 will cover this.

Talos also has added and modified multiple rules in the browser-other,
malware-cnc and server-webapp rule sets to provide coverage for
emerging threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJemMTUAAoJEPE/nha8pb+t0HcQAJpdWJDsTVih1QWyjOPUD+vl
2GcvaEP6NBvHeZJrCSI4FKSoCUimastb0HdhkadlfcGs26JS0/s7vI28rnCUEUtz
gZ99r4E2fvpNpv9jzq4jeqwotXZ8OpK5JIozmxdITT+hupxn+5C/LfBAWxo1Umu8
ji2PgSpkL14vvKS4gX1Dz5+Xh5O08KCeGDwTqXM3wEvSG4ZOkOEZANKlaWpQAHP2
CsjG5QbEIjKSlo4ZBw+loOtJ2fZMiMnepHabtW354t7Jj91GqaXZoefgEwHWaIgi
Yb1LnNb6pJO0NMPPLHC+VXH7wSTlyL945GlHqX/VBGKwWekkH0lD+fMUOnskcJT/
ikW5Bwyit1C1kiBhMCDsg2DctfzDRhL9xKmceyGqIvt3aafenLon3apVR122E2OA
ml/+ECXjZsVA6i5hNnkw4nEe3u66gSnCypz8/VyZWBfvh3tdpU4NWwf0dEj5e9PP
c17rU38hAg8ZLILx7x6OHhXoGsuTNbgsss8Zf2oun8F9Y6u4LrAgJ9OBXHBk+T5z
6hQisIe9iYhir7ikvLeTduGyr3kOzeeh4mKvpGTuOnCpY8VF2fGgpRiwU1waVXkm
cdaUnhDkreVNURIZb2vl9SiqGPI4ZIRcOoH096xBOwiFSH2Em4tS7hVAzK9GwGfu
Uf9HhBmOqkZJFu8kRjQp
=/GZv
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: