2018 in Snort Signatures
The cybersecurity field shifted quite a bit in 2018. With the boom of cryptocurrency, we saw a transition from ransomware to cryptocurrency miners. Talos researchers identified APT campaigns including VPNFilter, predominantly affecting small business and home office networking equipment, as well as Olympic Destroyer, apparently designed to disrupt the Winter Olympics.
But these headline-generating attacks were only a small part of the day-to-day protection provided by security systems. In this post, we’ll review some of the findings created by investigating the most frequently triggered SNORTⓇ signatures as reported by Cisco Meraki systems. These signatures protected our customers from some of the most common attacks that, even though they aren’t as widely known, could be just as disruptive as something like Olympic Destroyer. Snort is a free, open-source network intrusion prevention system. Cisco Talos provides new rule updates to Snort every week to protect against software vulnerabilities and the latest malware.
Read more at TalosIntelligence.com