Product Update - December 23, 2024

New Features and Enhancements

  • API Support for BGP Peering: We added API support for BGP configuration and monitoring to enhance your control over site connectivity:
      • Mutation APIs:
        • addBgpPeer
        • updateBgpPeer
        • removeBgpPeer
      • Query APIs:
        • bgpPeer
        • siteBgpStatus

Security Updates

  • IPS Signatures:
    • View more details about the IPS signatures and protections in the Threats Catalog:

      • Multi PsExec Usage Following Discovery Tools (New)
      • Cobalt Strike Utilizing PsExec (New)
      • CVE-2017-9757 (New)
      • CVE-2023-24749 (New)
      • CVE-2023-46574 (Enhancement)
      • CVE-2024-10914 (New)
      • CVE-2024-11651 (New)
      • CVE-2024-12209 (Enhancement)
      • CVE-2024-23113 (New)
      • CVE-2024-34257 (New)
      • CVE-2024-38819 (New)
      • CVE-2024-39906 (New)
      • CVE-2024-43642 (New)
      • CVE-2024-44400 (New)
      • CVE-2024-47575 (New)
      • CVE-2024-49033 (New)
      • CVE-2024-50334 (New)
      • CVE-2024-50623 (Enhancement)
      • CVE-2024-51567 (New)
      • CVE-2024-51568 (New)
      • CVE-2024-5334 (New)
      • CVE-2024-8963 (New)
      • CVE-2024-9464 (New)
      • CVE-2024-9487 (New)
      • Netwave IP Camera Information Disclosure (New)
      • Heuristic - Fake Captcha detection (New)
      • JWrapperDownloader User-Agent to low popularity Destination (New)
      • Phishing o365 (Enhancement)
      • Ransomware - AllCiphered (New)
      • Ransomware - AnonWorld (Enhancement)
      • Ransomware - Arachna (Enhancement)
      • Ransomware - Arcus (Enhancement)
      • Ransomware - Biobio (Kasper) (Enhancement)
      • Ransomware - Bixi (Enhancement)
      • Ransomware - Black (Prince) (Enhancement)
      • Ransomware - Black Basta (Enhancement)
      • Ransomware - blackZluk (Enhancement)
      • Ransomware - CONTI (Enhancement)
      • Ransomware - CryptoFortress (Enhancement)
      • Ransomware - Dark Angels Team (Enhancement)
      • Ransomware - DarkDev (Enhancement)
      • Ransomware - Diamond (Enhancement)
      • Ransomware - DVN (Enhancement)
      • Ransomware - ElonMuskIsGreedy (Enhancement)
      • Ransomware - ELPACO-team (Enhancement)
      • Ransomware - EnCiPhErEd (Enhancement)
      • Ransomware - ERIS (Enhancement)
      • Ransomware - Hakuna Matata (Enhancement)
      • Ransomware - Hawk (Enhancement)
      • Ransomware - Heda (Enhancement)
      • Ransomware - Helldown (Enhancement)
      • Ransomware - Imploder (New)
      • Ransomware - Interlock (Enhancement)
      • Ransomware - Java (Enhancement)
      • Ransomware - Kasper (Enhancement)
      • Ransomware - Keygroup777 (Enhancement)
      • Ransomware - KEYPASS (Enhancement)
      • Ransomware - Killer Skull (Enhancement)
      • Ransomware - King (Enhancement)
      • Ransomware - MAGA (Enhancement)
      • Ransomware - MrBeast (Enhancement)
      • Ransomware - Netwalker (Enhancement)
      • Ransomware - NK (Enhancement)
      • Ransomware - Nyxe (Enhancement)
      • Ransomware - Pdf (Enhancement)
      • Ransomware - Prince (Enhancement)
      • Ransomware - Rapid (Enhancement)
      • Ransomware - RedLocker (Enhancement)
      • Ransomware - Saturn (Enhancement)
      • Ransomware - ScRansom (Enhancement)
      • Ransomware - Secplaysomware (Enhancement)
      • Ransomware - Senator (Enhancement)
      • Ransomware - SHINRA (Enhancement)
      • Ransomware - SLAM (Enhancement)
      • Ransomware - Sougolock (Enhancement)
      • Ransomware - Surtr (Enhancement)
      • Ransomware - Termite (New)
      • Ransomware - TRUST FILES (Enhancement)
      • Ransomware - Txdot (Enhancement)
      • Ransomware - UwU (New)
      • Ransomware - Weaxor (Enhancement)
      • Ransomware - WeHaveSolution (Enhancement)
      • Ransomware - XFUN (Enhancement)
      • Ransomware - ZipLOCK (Enhancement)
      • Ransomware - Ztax (Enhancement)
  • Apps Catalog
    • More than 120 new Cloud Apps (see Apps Catalog):
      • Windows Autopatch (New)
      • Supplyline App (New)
      • Cornerstone OnDemand (Enhancement)
      • Barco (Enhancement)
      • Microsoft Copilot (Enhancement)
      • Google Gemini (Enhancement)
  • XDR Indications of Attack Signatures:
    • Threat Hunting:
      • High-Volume DNS Traffic to Suspicious Domains (New)
      • Suspicious Bot Activity (Enhancement)
  • Device Inventory:
    • These are the updates to the Device Inventory detection engine:
      • Networking
        • Network Appliance
          • Juniper Networks (Enhancement)
          • Lancom Systems (Enhancement)
      • IOT
        • Printer
          • Zebra (Enhancement)
        • VoIP
          • Mitel (Enhancement)
          • Snom Technology (Enhancement)
      • PC
        • Thin Client
          • PCoIP Endpoint Device (Enhancement)
        • Workstation
          • Apple (Enhancement)
      • Mobile
        • Mobile Phone
          • Samsung (Enhancement)

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
