New Features and Enhancements
API Support for BGP Peering: We added API support for BGP configuration and monitoring to enhance your control over site connectivity:
- Mutation APIs:
  - addBgpPeer
  - updateBgpPeer
  - removeBgpPeer
- Query APIs:
  - bgpPeer
  - siteBgpStatus
Security Updates
IPS Signatures:
View more details about the IPS signatures and protections in the Threats Catalog:
- Multi PsExec Usage Following Discovery Tools (New)
- Cobalt Strike Utilizing PsExec (New)
- CVE-2017-9757 (New)
- CVE-2023-24749 (New)
- CVE-2023-46574 (Enhancement)
- CVE-2024-10914 (New)
- CVE-2024-11651 (New)
- CVE-2024-12209 (Enhancement)
- CVE-2024-23113 (New)
- CVE-2024-34257 (New)
- CVE-2024-38819 (New)
- CVE-2024-39906 (New)
- CVE-2024-43642 (New)
- CVE-2024-44400 (New)
- CVE-2024-47575 (New)
- CVE-2024-49033 (New)
- CVE-2024-50334 (New)
- CVE-2024-50623 (Enhancement)
- CVE-2024-51567 (New)
- CVE-2024-51568 (New)
- CVE-2024-5334 (New)
- CVE-2024-8963 (New)
- CVE-2024-9464 (New)
- CVE-2024-9487 (New)
- Netwave IP Camera Information Disclosure (New)
- Heuristic - Fake Captcha detection (New)
- JWrapperDownloader User-Agent to low popularity Destination (New)
- Phishing o365 – (Enhancement)
- Ransomware - AllCiphered (New)
- Ransomware - AnonWorld (Enhancement)
- Ransomware - Arachna (Enhancement)
- Ransomware - Arcus (Enhancement)
- Ransomware - Biobio (Kasper) (Enhancement)
- Ransomware - Bixi (Enhancement)
- Ransomware - Black (Prince) (Enhancement)
- Ransomware - Black Basta (Enhancement)
- Ransomware - blackZluk (Enhancement)
- Ransomware - CONTI (Enhancement)
- Ransomware - CryptoFortress (Enhancement)
- Ransomware - Dark Angels Team (Enhancement)
- Ransomware - DarkDev (Enhancement)
- Ransomware - Diamond (Enhancement)
- Ransomware - DVN (Enhancement)
- Ransomware - ElonMuskIsGreedy (Enhancement)
- Ransomware - ELPACO-team (Enhancement)
- Ransomware - EnCiPhErEd (Enhancement)
- Ransomware - ERIS (Enhancement)
- Ransomware - Hakuna Matata (Enhancement)
- Ransomware - Hawk (Enhancement)
- Ransomware - Heda (Enhancement)
- Ransomware - Helldown (Enhancement)
- Ransomware - Imploder (New)
- Ransomware - Interlock (Enhancement)
- Ransomware - Java (Enhancement)
- Ransomware - Kasper (Enhancement)
- Ransomware - Keygroup777 (Enhancement)
- Ransomware - KEYPASS (Enhancement)
- Ransomware - Killer Skull (Enhancement)
- Ransomware - King (Enhancement)
- Ransomware - MAGA (Enhancement)
- Ransomware - MrBeast (Enhancement)
- Ransomware - Netwalker (Enhancement)
- Ransomware - NK (Enhancement)
- Ransomware - Nyxe (Enhancement)
- Ransomware - Pdf (Enhancement)
- Ransomware - Prince (Enhancement)
- Ransomware - Rapid (Enhancement)
- Ransomware - RedLocker (Enhancement)
- Ransomware - Saturn (Enhancement)
- Ransomware - ScRansom (Enhancement)
- Ransomware - Secplaysomware (Enhancement)
- Ransomware - Senator (Enhancement)
- Ransomware - SHINRA (Enhancement)
- Ransomware - SLAM (Enhancement)
- Ransomware - Sougolock (Enhancement)
- Ransomware - Surtr (Enhancement)
- Ransomware - Termite (New)
- Ransomware - TRUST FILES (Enhancement)
- Ransomware - Txdot (Enhancement)
- Ransomware - UwU (New)
- Ransomware - Weaxor (Enhancement)
- Ransomware - WeHaveSolution (Enhancement)
- Ransomware - XFUN (Enhancement)
- Ransomware - ZipLOCK (Enhancement)
- Ransomware - Ztax (Enhancement)
Apps Catalog
- More than 120 new Cloud Apps (see Apps Catalog):
  - Windows Autopatch (New)
  - Supplyline App (New)
  - Cornerstone OnDemand (Enhancement)
  - Barco (Enhancement)
  - Microsoft Copilot (Enhancement)
  - Google Gemini (Enhancement)
XDR Indications of Attack Signatures:
- Threat Hunting:
  - High-Volume DNS Traffic to Suspicious Domains (New)
  - Suspicious Bot Activity (Enhancement)
Device Inventory:
- These are the updates to the Device Inventory detection engine:
  - Networking
    - Network Appliance
      - Juniper Networks (Enhancement)
      - Lancom Systems (Enhancement)
  - IOT
    - Printer
      - Zebra (Enhancement)
    - VoIP
      - Mitel (Enhancement)
      - Snom Technology (Enhancement)
  - PC
    - Thin Client
      - PCoIP Endpoint Device (Enhancement)
    - Workstation
      - Apple (Enhancement)
  - Mobile
    - Mobile Phone
      - Samsung (Enhancement)
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.