The Intelligent Sandbox updated content packages for versions 4.8, 4.10, 4.12, 4.14, 5.0, and 5.2 are now available.
This detection package adds detection updates to Intelligent Sandbox. This update includes the following changes:
- Coverage for EnCiPhErEd ransomware.
- Coverage for DrWeb ransomware.
- Rules to detect GpCODE ransomware.
- Rules to detect kmbgdftfgdlf ransomware.
- Rules to detect gold ransomware.
- Rules to VBScript executed without .vbs extension.
- Rules to detect modification of Driver Signature Enforcement.
For more details on changes and fixes, read the Release Notes.
Package details by version are as follows:
- atd-detection-img-5.2.0.230509-5.2.0.x86_64.rpm
- atd-detection-img-5.0.0.230509-5.0.0.x86_64.rpm
- atd-detection-img-4.14.2.230509-4.14.2.x86_64.rpm
- atd-detection-img-4.12.4.230509-4.12.4.x86_64.rpm
- atd-detection-img-4.10.2.230509-4.10.2.x86_64.rpm
- atd-detection-img-4.8.2.230509-4.8.2.x86_64.rpm
Customers can update to the detection package using the following two options:
- Product UI: Access on the Intelligent Sandbox/ATD UI at: Manage, Image & Software, Content Update, Detection Pkg.
- Product Downloads site: Customers can download the content updates, behind appropriate grant numbers, from the Product Downloads site.