There are no new features or enhancements for the Cato service for this week. Take a look at these previously released features:
- Understand and Control How Domains are Categorized: The Domain Lookup feature shows you the category for domains and the risk assessment. In addition, you can override the default system category to match organizational requirements and consistently apply policies.
- Use Site Mutation APIs to Configure Sites at Scale: The Cato Site Mutation API lets you create and configure Socket and IPsec IKEv2 sites and related settings, such as: addStaticHost, addNetworkRange, updateSocketInterface, and removeSite. To help you get started, take a look at these sample Python scripts and Postman collections.
Go to the Cato Product Roadmap in the Knowledge Base to follow the status of upcoming features and enhancements.
Security Updates
- IPS Signatures:
  - View more details about the IPS signatures and protections in the Threats Catalog:
    - WorkersDevBackdoor (New)
    - Bixi Ransomware (Enhancement)
    - BlackZluk Ransomware (Enhancement)
    - Cipher (Proton) Ransomware (Enhancement)
    - Colony Ransomware (Enhancement)
    - ELPACO-team Ransomware (Enhancement)
    - Foxtrot Ransomware (Enhancement)
    - Medusa Ransomware (Enhancement)
    - MoneyIsTime Ransomware (Enhancement)
    - Pgp Ransomware (Enhancement)
    - PURGAT0RY Ransomware (Enhancement)
    - Pwn3d Ransomware (Enhancement)
    - Secdojo Ransomware (Enhancement)
    - Stop/Djvu Ransomware (Enhancement)
    - ZAKI ESCOVINDA Ransomware (Enhancement)
    - CVE-2024-7593 (New)
    - CVE-2024-7339 (New)
    - CVE-2024-45195 (New)
    - CVE-2024-41869 (New)
    - CVE-2024-32399 (New)
    - CVE-2024-28000 (New)
    - CVE-2024-27564 (New)
    - CVE-2023-49559 (New)
    - CVE-2021-33045 (New)
    - CVE-2021-33044 (New)
    - CVE-2014-9222 (New)
    - CVE-2024-6670 (Enhancement)
    - CVE-2017-0199 (Enhancement)
    - Downloaded Files From Low-Popularity Target Using PowerShell (Enhancement)
- Suspicious Activity Monitoring
  - These protections were added to the SAM service:
    - Ngrok agent established tunnel - free domains (New)
    - cid_sam_rmm_zoho_assist_attended_1_a (New)
    - cid_sam_rmm_zoho_assist_attended_1_b (New)
    - cid_sam_rmm_zoho_assist_attended_2 (New)
    - cid_sam_rmm_zoho_assist_attended_remote_support (New)
    - cid_sam_rmm_zoho_assist_unattended_1 (New)
    - cid_sam_rmm_zoho_assist_unattended_2 (New)
    - cid_sam_rmm_zoho_assist_unattended_3 (New)
- XDR Indications Of Attack Signatures:
  - Threat Prevention:
    - C2 Communication Over DNS (New)
  - Threat Hunting:
    - Communication with newly registered domains (New)
    - DNS Queries to Crypto-Related Domains (New)
    - Remote Connectivity Activity (Enhancement)
    - Remote Session to Low-Popularity IP (Enhancement)
- Device Inventory:
  - These are the updates to the Device Inventory detection engine:
    - IOT:
    - Smart Display
    - Kyocera (Enhancement)
    - Printer
    - Brother (Enhancement)
    - Zebra (Enhancement)
    - VoIP
    - Cisco (Enhancement)
    - Grandstream Networks (Enhancement)
    - Mitel (Enhancement)
    - Polycom (Enhancement)
    - Snom Technology (Enhancement)
    - IOMT:
    - Ascom (Enhancement)
    - OT, IOT
    - Power Device
    - APC (Enhancement)
    - Eaton (Enhancement)
    - Media Player
    - Roku (Enhancement)
    - Mobile:
    - Mobile Phone
    - Samsung (Enhancement)
    - Networking:
    - Network Appliance
    - Aruba Networks (Enhancement)
    - Netgear (Enhancement)
    - Access Point
    - Aruba Networks (Enhancement)
    - PC:
    - Workstation
    - MSI (Enhancement)
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.