This SEU number: 1659
Previous SEU number: 1658
Corresponding SRU number: 2017-04-19-002
|Total new rules||21|
|Total rule modifications||10|
|Online help change||No|
|Detection Engine change||No|
|User Interface change||No|
Note: SEU packages are cumulative. The installation of prior SEU packages is not required before installing the current package.
WARNING: The time taken to install the latest SEU will depend on the last time the 3D System was updated with an SEU. Installing SEUs weekly can help lessen the installation time. Additionally, SEUs require 50 Megabytes of free space in /tmp and 250 Megabytes of free space in /var to install successfully.
This release adds and modifies rules in several categories.
Talos has added and modified multiple rules in the exploit-kit, file-other, file-pdf, indicator-compromise, malware-cnc, os-windows and server-webapp rule sets to provide coverage for emerging threats from these technologies.
SEU packages are cumulative. The installation of prior SEU packages is not required before installing the current package. However, because SEUs are cumulative, issues identified in previous SEUs can require your attention when you import the current SEU. To review a cumulative list of recent feature updates and resolved issues since the last SEU you imported, view the Cumulative SEU Release Notes here.
SEU installation instructions can be found in the Cumulative SEU Release Notes on the Sourcefire Customer Support Site and in your Sourcefire 3D System user guide.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information about Cisco ASA devices, see What's New in Cisco Product Documentation.
Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service. If you have any questions or require assistance with Cisco ASA devices, please contact Cisco Support:
The Talos Security Intelligence and Research Group (Talos) is made up of leading threat researchers supported by sophisticated systems to create threat intelligence for Cisco products that detects, analyzes and protects against both known and emerging threats. Talos maintains the official rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop. The team's expertise spans software development, reverse engineering, vulnerability triage, malware investigation and intelligence gathering.