Snort

June 1, 2021

SECURITY

Snort 3: Rearchitected for Simplicity and Performance

Snort has become the standard by which all network intrusion detection systems are measured. Snort 3, released in January 2021 is a significant upgrade.

September 28, 2020

THREAT RESEARCH

Microsoft Netlogon exploitation continues to rise

Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol which — among other things — can be used […]

February 6, 2019

THREAT RESEARCH

2018 in Snort Signatures

The cybersecurity field shifted quite a bit in 2018. With the boom of cryptocurrency, we saw a transition from ransomware to cryptocurrency miners. Talos researchers identified APT campaigns including VPNFilter,...

January 9, 2019

THREAT RESEARCH

Why we want users’ feedback on Snort rule documentation

Today, Talos is launching a new community survey to solicit feedback on SNORTⓇ documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue...

January 29, 2018

THREAT RESEARCH

2017 in Snort Signatures.

2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact...

November 17, 2017

THREAT RESEARCH

Threat Round Up for Nov 10 – Nov 17

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 10 and November 17. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

October 27, 2017

THREAT RESEARCH

Threat Round Up for Oct 20 – Oct 27

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 20 and October 27. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

October 13, 2017

THREAT RESEARCH

Threat Round Up for Oct 6 – Oct 13

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 6 and October 13. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

September 29, 2017

THREAT RESEARCH

Threat Round Up for Sept 22 – Sept 29

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 22 and September 29. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]