Talos blog: 2018 Snort rules (picked up by MX)

Meraki Alumni (Retired)
Meraki Alumni (Retired)

Talos blog: 2018 Snort rules (picked up by MX)

Has anyone read the latest Talos blog post? They rank the top 5 Snort rules triggered in 2018 (data picked up from Meraki MX). Looks like crypto miners are becoming more popular than ransomware.


Curious if anyone has spotted these Snort rules in their networks?


(FYI, you can search for them in Security Center)


Screen Shot 2019-02-06 at 3.29.10 PM.png

Kind of a big deal

None of them show up on my networks I guess that's a good thing.


I do notice something weird though. On one of my networks, whichever of those five I search for, I always get one result, but it's unrelated. It's an instance of a breach against Rule ID 1-49040.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.