The Intelligent Sandbox updated content package for versions 4.8, 4.10, 4.12, 4.14, 5.0, and 5.2 are now available.
This detection package adds detection updates to Intelligent Sandbox. This update includes the following changes:
- Coverage for PlugX Worm/Backdoor ransomware.
- Coverage for rhysida ransomware.
- Coverage for akira ransomware.
- Rules to detect buhti Ransomware.
- Rules to detect Generic Trojanspy.
- Rules to detect malicious .hta files, JavaScript and VBScript executed by mshta.exe.
- Rules to detect General Html Phishing.
For more details on changes and fixes, see the Release Notes.
This detection package is released using common detection package format. To install and apply a common detection package, either use Intelligent Sandbox 5.2.2 or later, or install a patch if your Intelligent Sandbox is 5.2.0 or older. See KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package for the details about the common detection package format.
Package build number is: 5.2.2.230619
Customers can update to the detection packages using the following two options:
- Product UI: Access on the Intelligent Sandbox (ATD) UI at: Manage, Image & Software, Content Update, Detection Pkg.