Has anyone read the latest Talos blog post? They rank the top 5 Snort rules triggered in 2018 (data picked up from Meraki MX). Looks like crypto miners are becoming more popular than ransomware.
Curious if anyone has spotted these Snort rules in their networks?
(FYI, you can search for them in Security Center)
None of them show up on my networks I guess that's a good thing.
I do notice something weird though. On one of my networks, whichever of those five I search for, I always get one result, but it's unrelated. It's an instance of a breach against Rule ID 1-49040.
View all community news »