Talos urges all users to implement these rules as soon as possible to keep their networks and machines protected. Today’s release contains 34 new rules and 22 modified rules. This ruleset provides protection against the recently discovered Zeppelin ransomware attack. Zeppelin is highly configurable and can be deployed as an EXE, DLL, or wrapped in a. PowerShell loader. These rules prevent Zeppelin from making an outbound connection and also stops the malware from being downloaded. You can subscribe to Talos’ newest rule detection functionality for as low as $29 a year with a personal account.”]
Source: https://blog.snort.org/2019/12/snort-rule-update-for-dec-17-2019.html