The Intelligent Sandbox updated content packages for versions 4.8, 4.10, 4.12, 4.14, 5.0, and 5.2 are now available.
The detection packages add detection updates to Intelligent Sandbox. This update includes the following changes:
- Coverage for Donut ransomware
- Coverage for Demon ransomware
- Coverage for Generic backdoor
- Rules to delete VSS service
- Rules to detect malicious msiexec operation
- Rules to enable users access to file and directories on various systems across a network
- Rules to detect TrojanBackdoor
For more details on changes and fixes, read the Release Notes.
Package details by version are as follows:
- atd-detection-img-5.2.0.221209-5.2.0.x86_64.rpm
- atd-detection-img-5.0.0.221209-5.0.0.x86_64.rpm
- atd-detection-img-4.14.2.221209-4.14.2.x86_64.rpm
- atd-detection-img-4.12.4.221209-4.12.4.x86_64.rpm
- atd-detection-img-4.10.2.221209-4.10.2.x86_64.rpm
- atd-detection-img-4.8.2.221209-4.8.2.x86_64.rpm
Customers can update to the detection package using the following two options:
- Product UI: Access on the Intelligent Sandbox/ATD UI at: Manage, Image & Software, Content Update, Detection Pkg.
- Product Downloads site: Customers can download the content updates, behind appropriate grant numbers, from the Product Downloads site.