Product Update - June 10, 2024

New Features & Enhancements

  • CASB Enhancement - Visibility for All Cloud App Activities: We added the Any Activity option for Application Control rules, so that a single rule can monitor all app activities. A single rule that monitors Any Activity for Any Cloud Application lets you discover all the apps and activities used on your network.
    • For customers with a new CASB license, a rule that monitors Any Activity for Any Cloud Application is automatically added at the bottom of the Application Control rulebase.
  • New Academy Training - Network Operation Stories in XDR: Learn how Cato XDR can help Network Operation Center (NOC) teams identify and resolve network and connectivity issues. This training unit helps you understand:
    • Building blocks of Network stories
    • XDR functionality for network issues
    • Reporting and notification options

Go to the Cato Product Roadmap in the Knowledge Base to follow the status of upcoming features and enhancements.

Cato Client Releases

  • New Client Versions: From June 6, 2024, we started the rollout of the following Clients:
    • Windows version 5.10.34
    • Linux version 5.2.1.1
    • Android version 5.0.3.117

    The new versions contain an important security update and bug fixes.

Security Updates

  • IPS Signatures:
    • View more details about the IPS signatures and protections in the Threats Catalog
      • Ransomware 0day (Enhancement)
      • Ransomware Banta (New)
      • Ransomware BOMBO (Enhancement)
      • Ransomware Chaddad (Enhancement)
      • Ransomware EDHST (Enhancement)
      • Ransomware Eject (Enhancement)
      • Ransomware FUNNY (Enhancement)
      • Ransomware Harma (Enhancement)
      • Ransomware Lexus (Enhancement)
      • Ransomware Nett (Enhancement)
      • Ransomware OPIX (Enhancement)
      • Ransomware payB (Enhancement)
      • Ransomware POLSAT (New)
      • Ransomware Qilin (New)
      • Ransomware QRYPT (New)
      • Ransomware Stop/Djvu (Enhancement)
      • Ransomware SYSDF (Enhancement)
      • Ransomware xDec (Enhancement)
      • Sality Checkin (New)
      • Ducktail-Payload Communication (New)
      • FlyStudio - CnC Activity (New)
      • Low Credibility File Names (New)
      • CVE-2024-31982 (New)
      • CVE-2020-25858 (New)
      • CVE-2021-26914 (New)
      • CVE-2022-47075 (New)
      • CVE-2023-38204 (New)
      • CVE-2023-50386 (New)
      • CVE-2024-21683 (New)
      • CVE-2024-24919 (New)
      • CVE-2024-31848 (New)
      • CVE-2024-31849 (New)
      • CVE-2024-31850 (New)
      • CVE-2024-31851 (New)
      • CVE-2024-32113 (New)
      • CVE-2024-3273 (New)
      • CVE-2024-4040 (New)
      • CVE-2024-4956 (New)
      • CVE-2024-4978 (New)
      • Generic Java Serialization Over HTTP (New)
      • JS File Downloaded From Low-Popularity Target (New)
  • Detection & Response:
    • These are the updates to the Indications Catalog:
      • Threat Hunting Indications:
        • Communication with suspicious targets (New)
        • Dynamic DNS services (Enhancement)
      • Threat Prevention:
        • Suspicious DNS Communication with Blacklisted Targets

  • Suspicious Activity Monitoring:
    • These protections were added to the SAM service:
      • Downloading Teamviewer (New)
      • Lateral Batch Script Transfer (New)
      • SimpleHelp Remote Management Tool Lateral Remote Connectivity (New)
      • TeamViewer Inbound Remote Session (New)
      • Wininet/Winsock (Native Windows Client) to low Popularity (Enhancement)
      • AnyDesk WAN Remote Desktop Connection Initiation (New)
      • Transfer AnyDesk over SMB (New)
  • Apps Catalog:
    • Added over 100 new SaaS applications (you can view the SaaS apps in the Apps Catalog), including:
      • C3 AI
      • Intuit sub-services:
        • TurboTax
        • QuickBooks
        • Mint
        • Credit Karma
        • Mailchimp
    • Enhanced these applications:
      • Commvault
      • ProtonVPN
  • Device Inventory:
    • These are the updates to the Device Inventory detection engine:
      • IoT:
        • Access Point:
          • Aruba Networks (Enhancement)
        • Docking Station:
          • Action Star (Enhancement)
        • IP Camera:
          • Axis (Enhancement)
          • Hanwha (Enhancement)
          • Verkada (Enhancement)
        • IoMT:
          • Ascom (Enhancement)
        • Media Server:
          • BrightSign (Enhancement)
        • Network Appliance:
          • Cisco Meraki (Enhancement)
          • Ewon (Enhancement)
          • Juniper Networks (Enhancement)
          • Synology (Enhancement)
        • Payment Terminal:
          • CCV (Enhancement)
          • Castles Technology (Enhancement)
          • Verifone (Enhancement)
        • Power Device:
          • APC (Enhancement)
        • Printer:
          • Canon (Enhancement)
          • HP (Enhancement)
          • Lexmark (Enhancement)
          • Ricoh (Enhancement)
          • Xerox (Enhancement)
          • Zebra (Enhancement)
        • Single Board Computer:
          • Raspberry Pi Foundation (Enhancement)
        • Smart Display:
          • Kyocera (Enhancement)
        • VoIP:
          • Cisco (Enhancement)
          • Commend (Enhancement)
          • Digium (Enhancement)
          • Grandstream Networks (Enhancement)
          • Innovaphone (Enhancement)
          • Mitel (Enhancement)
          • Polycom (Enhancement)
          • Snom (Enhancement)
          • Ubiquiti (Enhancement)
          • Yealink (Enhancement)
        • WAP:
          • Cambium Networks (Enhancement)
          • Cisco (Enhancement)
        • Video Encoder:
          • Axis (Enhancement)
      • Mobile:
        • Mobile Phone:
          • Samsung (Enhancement)
        • Tablet:
          • Amazon (Enhancement)
          • Apple (Enhancement)
        • Thin Client:
          • Dell (Enhancement)
          • PCoIP Endpoint Device (Enhancement)
        • Workstation:
          • Apple (Enhancement)
          • Dell (Enhancement)
          • HP (Enhancement)
          • MSI (Enhancement)

 

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
