Product Update - Dec. 25th, 2023

New Features & Enhancements

  • PingFederate Supported for SSO Authentication: PingFederate can be used by remote users and Cato Management Application admins to authenticate with SSO. 

PoP Announcements

  • The following IP range is now available in this PoP location:

    • Ashburn, VA: 150.195.206.0/24

Security Updates

  • IPS Signatures:
    View more details about the IPS signatures and protections in the Threats Catalog
    • Ransomware BuLock (Enhancement)
    • Ransomware Fun (Enhancement)
    • Malware Amadey (New)
    • Malware Amadey CnC Check-In (New)
    • Malware Arkei Stealer Variant (New)
    • Malware DCRAT Activity (GET) (New)
    • Malware Koadic Malware (New)
    • Malware Mars Stealer Variant (New)
    • Malware Redline Stealer TCP CnC - Id1Response (New)
    • Malware Vidar Stealer Variant (New)
    • CVE-2023-50164 (New)
    • CVE-2023-46214 (New)
    • CVE-2023-2986 (New)
    • CVE-2023-29798 (New)
    • CVE-2022-22956 (New)
    • CVE-2017-6884 (New) 
    • CVE-2020-1472 (Enhancement)
    • CVE-2023-20273 (Enhancement)
  • Detection & Response
    These are the updates to the Indications Catalog

    • Threat Hunting Indication:
      • Protected ZIP Download from Low-Reputation Sources (New)
      • Downloading a Suspicious Script (Enhancement)
      • Malware Activity (Enhancement)
      • Suspicious Network Activity (Enhancement)
      • Suspicious Trello API usage (Enhancement)
      • WebShell uploaded  (Enhancement)
    • Threat Prevention Indication: 
      • Suspicious Network Activity JA3 (Enhancement)
      • BitTorrent Outbound Communication (Enhancement)
  • Suspicious Activity Monitoring:
    This protection was added to the SAM service:
    • Downloaded a password protected archive file (New)
  • TLS Inspection:
    • Added global bypass for these apps and FQDNs, preventing possible TLS inspection errors:
      • Apps:
        • Huawei Technologies Co. Ltd
      • FQDNS:
        • supportview.com
        • ota-cloudfront.net
  • Apps Catalog:
    Added over 450 new SaaS applications (you can view the SaaS apps in the Apps Catalog), and enhanced this application:
    • Viber
  • Application Control (CASB): 
    • New granular actions for the following apps:
      • Gmail download attachment (New)
      • Google Photos - download (New)
      • Workplace - upload files (New)
      • OneDrive Personal - download and upload (Enhancement)

 

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.

Was this article helpful?

0 comments

Add your comment