Cisco Blogs

2018 in Snort Signatures

February 6, 2019

The cybersecurity field shifted quite a bit in 2018. With the boom of cryptocurrency, we saw a transition from ransomware to cryptocurrency miners. Talos researchers identified APT campaigns including VPNFilter, predominantly affecting small business and home office networking equipment, as well as Olympic Destroyer, apparently designed to disrupt the Winter Olympics.

But these headline-generating attacks were only a small part of the day-to-day protection provided by security systems. In this post, we’ll review some of the findings from investigating the most frequently triggered SNORT® signatures as reported by Cisco Meraki systems. These signatures protected our customers from some of the most common attacks, which, even though they aren’t as widely known, could be just as disruptive as something like Olympic Destroyer. Snort is a free, open-source network intrusion prevention system. Cisco Talos provides new rule updates to Snort every week to protect against software vulnerabilities and the latest malware.