Product Update - March 17, 2025

New Features & Enhancements

  • Natural Language Search for Audit Trail: Use natural language search to easily find relevant data on the Audit Trail page with everyday language instead of manual filters. For example, you can search for "All firewall rule changes in the last 24 hours", and this phrase is automatically converted to the appropriate filters.
  • New Client Releases for Windows and Linux: During the week of March 17, 2025, we are starting the rollout of the new Client versions for Windows (v5.14) and Linux (v5.4). These versions contain bug fixes and enhancements.
  • Reminder: As of April 6, 2025, the toggle for the new CMA navigation will be removed and all accounts will only use the new navigation options.

Security Updates

  • IPS Signatures:

    • View more details about the IPS signatures and protections in the Threats Catalog

      • CVE-2022-43939 (New)
      • CVE-2023-47254 (New)
      • CVE-2024-41710 (New)
      • CVE-2024-48766 (New)
      • CVE-2024-9193 (New)
      • CVE-2025-22952 (New)
      • Downloading Legitimate Tool From Low Popularity Target (New)
      • Generic .Net Insecure Deserialization - Gadget ClaimsPrincipal (New)
      • Generic .Net Insecure Deserialization Over HTTP: Gadget DataSetOldBehaviour (New)
      • Generic .Net Insecure Deserialization Over HTTP: Gadget DataSetOldBehaviourFromFile (New)Ransomware - BlackHeart (MedusaLocker) (Enhancement)
      • Ransomware - BlackHeart (New)
      • Ransomware - Cerber (Enhancement)
      • Ransomware - CipherLocker (Enhancement)
      • Ransomware - Danger (GlobeImposter) (New)
      • Ransomware - Danger (New)
      • Ransomware - EnCiPhErEd (Enhancement)
      • Ransomware - ETHAN (Enhancement)
      • Ransomware - FOX (Enhancement)
      • Ransomware - Heda (Enhancement)
      • Ransomware - Hunters (Xorist) (Enhancement)
      • Ransomware - Jett (Enhancement)
      • Ransomware - Loches (Enhancement)
      • Ransomware - LockBit 3.0 (Enhancement)
      • Ransomware - Locked (MedusaLocker) (Enhancement)
      • Ransomware - Louis (Enhancement)
      • Ransomware - Lucky (MedusaLocker) (Enhancement)
      • Ransomware - M142 HIMARS (Enhancement)
      • Ransomware - Monti (Enhancement)
      • Ransomware - Ncov (Enhancement)
      • Ransomware - ONION (Enhancement)
      • Ransomware - Pizdec (Enhancement)
      • Ransomware - QQ (New)
      • Ransomware - Vgod (Enhancement)
      • Ransomware - Weaxor (Enhancement)
      • Ransomware - Wiki (Enhancement)
      • Scanners - Windows Network Share Enumeration via SRVSVC (New)
  • Suspicious Activity Monitoring:
      • This protection was added to the SAM service:
        • Zoho Assist Download (Enhancement)

        • ICMP Network Scanning Activity (New)

  • Apps Catalog
    • More than 120 new Cloud Apps (see Apps Catalog), including:

      • SharePoint and OneDrive business (Enhancement)

      • Microsoft Azure Cloud App Security (Enhancement)

      • DingTalk (Enhancement)

      • Allegion (Enhancement)

      • Microsoft General  (Enhancement)

      • Ninjarmm (Enhancement)

         

  • XDR Indications of Attack Signatures:
    • Threat Hunting:
      • Suspicious LNK File Download (Enhancement)
      • Suspicious Tool Download (Enhancement)
    •  
  • Application Control (CASB and File Control):
    • Added tenant-awareness support for Claude and Copilot activities
    • Application Control:
      • Claude - Download File (New)
    • File Control:
      • Claude - Download File (New)
  • Device Inventory:
    • These are the updates to the Device Inventory detection engine:
      • IOT
        • Docking Station 
          • Action Star (Enhancement)
          • Multifunction Device
          • Toshiba (Enhancement)
        • Smart TV 
          • LG (Enhancement)
          •  
        • VoIP
          • Cisco (Enhancement)
          • Yealink (Enhancement)
      • Mobile
        • Mobile Phone 
          • Google (Enhancement)
          • Samsung (Enhancement)
          • Zebra (Enhancement)
      • Networking
        • Network Appliance 
          • Aruba Networks (Enhancement)
      • PC
        • Desktop
          • Dell (Enhancement)
        • Laptop
          • Dell (Enhancement)
          • HP (Enhancement)
          • Lenovo (Enhancement)
          • Microsoft (Enhancement)
          • Toshiba (Enhancement)
      •  Server
        • Print Server
          • HP (Enhancement)

Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.

Was this article helpful?

0 out of 0 found this helpful

0 comments