The Intelligent Sandbox updated content package for versions 4.10, 4.12, 4.14, 5.0, and 5.2 are now available.
This detection package adds detection updates to Intelligent Sandbox. This update includes the following changes:
New Rules:
- Coverage for Knight Stealer
- Coverage for KimsukyAPT
- Coverage for Nightcrow Ransomware
For more details about changes and fixes, see the Release Notes.
This detection package is released using the common detection package format. To install and apply a common detection package, either use Intelligent Sandbox 5.2.2 or a newer version, or install a patch of KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package if your Intelligent Sandbox is version 5.2.0 or older.
See KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package for details about the common detection package format.
From this month onwards, the detection package will not support version 4.8. Customers with Intelligent Sandbox (ATD) 4.8 are encouraged to upgrade to newer versions.
Package build number: 5.2.2.231009
Customers can update to the detection packages using the following two options:
- Product UI: Access on the Intelligent Sandbox (ATD) UI at: Manage > Image & Software > Content Update > Detection Pkg.
- Download Server: Customers can download the content updates, behind appropriate grant numbers, from the Download Server.
For more information, see the content Release Notes.