Product Update - Dec. 25th, 2023

New Features & Enhancements

  • PingFederate Supported for SSO Authentication: PingFederate can be used by remote users and Cato Management Application admins to authenticate with SSO. 

PoP Announcements

  • The following IP range is now available in this PoP location:

    • Ashburn, VA:

Security Updates

  • IPS Signatures:
    View more details about the IPS signatures and protections in the Threats Catalog
    • Ransomware BuLock (Enhancement)
    • Ransomware Fun (Enhancement)
    • Malware Amadey (New)
    • Malware Amadey CnC Check-In (New)
    • Malware Arkei Stealer Variant (New)
    • Malware DCRAT Activity (GET) (New)
    • Malware Koadic Malware (New)
    • Malware Mars Stealer Variant (New)
    • Malware Redline Stealer TCP CnC - Id1Response (New)
    • Malware Vidar Stealer Variant (New)
    • CVE-2023-50164 (New)
    • CVE-2023-46214 (New)
    • CVE-2023-2986 (New)
    • CVE-2023-29798 (New)
    • CVE-2022-22956 (New)
    • CVE-2017-6884 (New) 
    • CVE-2020-1472 (Enhancement)
    • CVE-2023-20273 (Enhancement)
  • Detection & Response
    These are the updates to the Indications Catalog

    • Threat Hunting Indication:
      • Protected ZIP Download from Low-Reputation Sources (New)
      • Downloading a Suspicious Script (Enhancement)
      • Malware Activity (Enhancement)
      • Suspicious Network Activity (Enhancement)
      • Suspicious Trello API usage (Enhancement)
      • WebShell uploaded  (Enhancement)
    • Threat Prevention Indication: 
      • Suspicious Network Activity JA3 (Enhancement)
      • BitTorrent Outbound Communication (Enhancement)
  • Suspicious Activity Monitoring:
    This protection was added to the SAM service:
    • Downloaded a password protected archive file (New)
  • TLS Inspection:
    • Added global bypass for these apps and FQDNs, preventing possible TLS inspection errors:
      • Apps:
        • Huawei Technologies Co. Ltd
      • FQDNS:
  • Apps Catalog:
    Added over 450 new SaaS applications (you can view the SaaS apps in the Apps Catalog), and enhanced this application:
    • Viber
  • Application Control (CASB): 
    • New granular actions for the following apps:
      • Gmail download attachment (New)
      • Google Photos - download (New)
      • Workplace - upload files (New)
      • OneDrive Personal - download and upload (Enhancement)


Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.

Was this article helpful?


Add your comment