Cisco Talos Blog

April 8, 2010 17:47

Rule release for today, Thursday April 8th, 2010

Mostly some small fixes, couple of reference changes and some new rules. Check it out here

March 30, 2010 16:20

Rule release for today - March 30th, 2010

Microsoft Security Advisory (MS10-018): Microsoft Internet Explorer contains several programming errors that may allow a remote attacker to execute code on an affected system. Details here: http://www.snort.org/vrt/advisories/2010/03/30/vrt-rules-2010-03-30.html

March 23, 2010 14:45

Rule release for today - March 23rd, 2010

Apple Safari RCE (CVE-2010-0049): Apple Safari contains a programming error that may allow a remote atttacker to execute code on an affected system. The issue presents itself when the browser fails to properly process certain HTML elements concerning RTL text. Additionally, as a

March 17, 2010 14:50

Rule release for today - March 17th, 2010

A maintenance release mostly, lots of changes to rules and quite a few deletions. Two new rules added. Check out the changes here

March 10, 2010 22:08

Rule release for today - March 10th, 2010

Microsoft Internet Explorer (2010-0806): Microsoft Internet Explorer contains a programming error that may allow a remote attacker to execute code on an affected system. Check it here Oh, and the rule is a shared object rule, so the changelog won't actually show it. If you

March 9, 2010 19:11

March 2010 Vulnerability Report

This month, Alain discusses the two patches from Microsoft, 0day vulnerabilities in Apache, Opera, Internet Explorer and finishes with VRT activity in March.

March 9, 2010 18:58

Rule release for today - March 9th, 2010

Microsoft Security Advisory (MS10-016): Microsoft Windows Movie Maker contains a programming error that may allow a remote attacker to execute code on an affected system. Microsoft Security Advisory (MS10-017): Microsoft Excel contains several programming errors that may allow a

March 4, 2010 17:06

Rule release for today - March 4th, 2010

We added multiple rules to the specific-threats, spyware-put, web-client, backdoor, and web-misc rule sets as well as making a whole lot of modifications to existing rules. Just a bit of a clean up. Details here: http://www.snort.org/vrt/advisories/2010/03/04/vrt-rules-2010-03-0

February 26, 2010 18:34

Rule release for today - February 26th 2010

Microsoft Internet Explorer contains a programming error that may allow a remote attacker to execute commands on a vulnerable system. The attacker needs to supply VBScript to invoke winhlp32.exe, which can then be used to execute commands via a specially crafted .HLP file. http: