Snort Subscriber Rules Update 2021-03-02

[Research <research () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Talos Snort Subscriber Rules Update

Synopsis:
This release adds and modifies rules in several categories.

Details:
Microsoft Vulnerability CVE-2021-26855:
A coding deficiency exists in Microsoft Exchange Server that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 57241 through 57244.

Microsoft Vulnerability CVE-2021-26857:
A coding deficiency exists in Microsoft Exchange Server that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 57233 through 57234.

Microsoft Vulnerability CVE-2021-26858:
A coding deficiency exists in Microsoft Exchange Server that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 57245 through 57246.

Microsoft Vulnerability CVE-2021-27065:
A coding deficiency exists in Microsoft Exchange Server that may lead
to remote code execution.

Rules to detect attacks targeting these vulnerabilities are included in
this release and are identified with GID 1, SIDs 57245 through 57246.

Talos also has added and modified multiple rules in the malware-cnc,
netbios and server-webapp rule sets to provide coverage for emerging
threats from these technologies.


For a complete list of new and modified rules please see:

https://www.snort.org/advisories
-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJgPv/PAAoJEPE/nha8pb+tsgwP/R5uPLW7i81a07BgkrJ04ozF
KPh0Czd+Tr0oS6sYT67vW5NXJXo7yZMZctbzzztwnv5m1zz9Bjg0XF5PX87/gD0I
+cH/8mQ28tkMzhToKFyDRoeN2BB5+a99M9E7kXU/Rbsv5RjAdD8ypROahgBQeND8
QmDOagR+Wfo9eiubBwYqrQNdRfk+/lDhIvvvsVrMvy4H5B/QeBJY/byNqGNurPQb
EDZF4maAiyVczHtDi41LCQSFHZg6jBAqaAfv5ec3F2tCe2t3Cq5MQrwm/SYVMtvj
NztVmi2J8iNUhncw2dwJOhmOmMsQ4iG0yejr8v+tF2zS7CH0EkU2rOW3txyTm1ck
tMS4w6Ze2qs5GIBVRFutsQQI71xJG6KlxXtN+TjYW3pib671OK7TP+ZoP0jAdsvT
gGzmaAYPHY80frYMbViOCqnOrESNZ7WCtr5GiG7lbyBmPOBKHpEd/7ogv5E1bzbS
37SU/wgioEKh3KL5oX1UPn8PtJtpopHEqMT5NIZAsHx0rltMMeqH3SB70llDDuai
xUnPmW0bYzxELXUOwzoEv4MeZBVzXZLp37Y+GgrI2mscnVyD9+X6kI02u7UV22fA
Me4FlDNiVjRtB5G/5bu3NSOhLjHmKl5WJETg1oKjZxuQ1HVVbFMb2JdtDqXxc73i
1WooVkU8QaFTFHzqc7Ab
=qIxj
-----END PGP SIGNATURE-----

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!