New Features & Enhancements
- New Device Posture Check for Cato Client Version: You can require that devices connecting to the network have a minimum Client version installed, by creating a Device Posture check for a specific Client version. This can be added to a Device Posture Profile and then included in your Client Connectivity and security policies.
- This feature will be gradually enabled over the next few weeks
- Easily View Events for a Network Rule: Now you can use the new View Rule Events action to show the events for a specific Network Rule. When you select this action, the Events page opens and is immediately pre-filtered for all events that match that rule.
Security Updates
- IPS Signatures:
- View more details about the IPS signatures and protections in the Threats Catalog
- Ransomware 2023lock (New)
- Ransomware GoodMorning (New)
- Ransomware Ma1x0 (New)
- Ransomware Phobos (New)
- Ransomware SYSDF (New)
- Ransomware Dxen Ransomware (Enhancement)
- Ransomware Rocklee Ransomware (Enhancement)
- Ransomware Stop/Djvu Ransomware (Enhancement)
- Ransomware Vx-underground Ransomware (Enhancement)
- Ransomware ZENEX Ransomware (Enhancement)
- Malware DarkGate CNC Communication - Check-In (New)
- Malware Fewin Stealer Data Exfiltration Attempt (New)
- Malware GCleaner Downloader - IP Address Retrieval Attempt (New)
- Malware Lumma Stealer CNC Communication - Exfiltration (New)
- Malware Reverse Shell Connection - CNC Communication (New)
- Malware TA402 CnC Communication - User-Agent (New)
- Malware NodeStealer CNC Communication - Downloaded Archive GET (Enhancement)
- CVE-2024-22024 (New)
- CVE-2024-1709 (New)
- CVE-2023-6623 (New)
- CVE-2023-51467 (New)
- CVE-2023-28128 (New)
- CVE-2023-26255 (New)
- CVE-2022-36534 (New)
- CVE-2016-20017 (New)
- CVE-2023-39677 (New)
- CVE-2023-38203 (New)
- CVE-2023-35082 (New)
- CVE-2023-22527 (New)
- CVE-2019-3967 (New)
- CVE-2024-21893 (Enhancement)
- CVE-2024-21887 (Enhancement)
- CVE-2023-46805 (Enhancement)
- CVE-2023-39143 (Enhancement)
- CVE-2023-45484 (Enhancement)
- CVE-2023-45480 (Enhancement)
- Threat Actor r00ts3c-owned-you (New)
- Lumma Stealer CNC Communication - Check-In (New)
- Detection & Response
- These are the updates to the Indications Catalog:
- Threat Hunting Indications:
- Kali Linux Detection (New)
- Suspicious Binary File Download using WinHTTP (New)
- Suspicious Tool Download (New)
- WebShell uploaded (New)
- Suspicious Activity Monitoring:
- These protections were added to the SAM service:
- AnyDesk remote desktop connection (New)
- Process Hacker - download (New)
- Lateral bash script transfer (New)
- Phishing heuristic (Enhancement)
- TLS Inspection
- Added global bypass for these applications, preventing possible TLS inspection errors:
- Brother Industries
- Cisco Meraki Cloud
- Oculus
- Ring
- Western Digital
- Xerox
- Apps Catalog:
- Added over 100 new SaaS applications (you can view the SaaS apps in the Apps Catalog), and enhanced these applications:
- Microsoft Copilot (formerly BingAI)
- Google Gemini (formerly Bard)
- King
- WireGuard protocol
- Application Control (CASB and DLP):
- This app is included in DLP scans:
- Google Gemini - Search
- Client Classification:
- Greenbone OS
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.