Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Talos blog: 2018 Snort rules (picked up by MX)

davidvan
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Feb 6 2019 3:34 PM
‎Feb 6 2019 3:34 PM

Talos blog: 2018 Snort rules (picked up by MX)

Has anyone read the latest Talos blog post? They rank the top 5 Snort rules triggered in 2018 (data picked up from Meraki MX). Looks like crypto miners are becoming more popular than ransomware.

 

Curious if anyone has spotted these Snort rules in their networks?

 

(FYI, you can search for them in Security Center)

 

Screen Shot 2019-02-06 at 3.29.10 PM.png

Subscribe
1 Reply 1
BrechtSchamp
Kind of a big deal
‎Feb 6 2019 11:55 PM
‎Feb 6 2019 11:55 PM

None of them show up on my networks I guess that's a good thing.

 

I do notice something weird though. On one of my networks, whichever of those five I search for, I always get one result, but it's unrelated. It's an instance of a breach against Rule ID 1-49040.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.