XDR Version 2 Updates
Written by Omer Kushmirski
Updated over a week ago

Introducing Software Updates

(Coming Soon)

The update introduces a new feature that allows users more control over their software updates. Whereas previously updates for agents and the server were automatic, now users can decide when and how to apply these updates. They have the option to schedule updates for a specific time that suits them or to manually initiate these updates as needed. This enhancement is designed to provide organizations with the flexibility to manage software updates in a way that minimizes disruption and aligns with their operational needs.

For detailed guidance on managing your software updates, please refer to the following guide.


XDR Version 2.3.25

Coming Soon

XDR Version 2.03.25 introduces the first-ever support for uninstalling the agent directly via the server!

This new approach allows clients to remotely connect to any required agent and uninstall it, significantly reducing the complexity of managing inventory without the need for any third-party distribution tools.

A comprehensive guide to remote uninstallation can be found here.

In addition to remote uninstallation, Version 2.03.25 includes several enhancements and bug fixes:

  • Executive Summary Report: Corrected inaccuracies in the "managed devices" reporting.

  • Vulnerability Data Display: Resolved issues with incorrect data display for certain devices.

  • Improved loading times on the "Attack Hunter" page.

XDR Version 2.3.24

2 Sept, 2024

This update includes a critical hotfix addressing an issue where USB policies were not functioning correctly in certain policy scenarios.


XDR Version 2.3.22

20 Aug, 2024

XDR Version 2.03.22 introduces support for the new Agent (version 2.3.2.0), addressing several key issues outlined in this update.


XDR Version 2.3.21

5 Aug, 2024

XDR Version 2.03.21 addresses several critical issues reported by our clients to enhance the stability and performance of the CYFOX On Prem Server.

The updates focus on improving user experience, particularly for those managing larger networks and extensive endpoint data.

Bug Fixes

  • Network Map Responsiveness:

    • Addressed an issue causing the Network Map page to become unresponsive and crash, particularly in environments with larger networks and queries. Users should now experience stable and smooth navigation in this section.

  • Session Termination on Forensic Tab:

    • Resolved an issue reported by clients where navigating to the Forensic tab and then to Host Events resulted in a "Failed to load" error and a forced disconnection back to the main login page. This fix ensures seamless access to forensic data without unexpected session terminations.

  • FIM Configuration Issue: Fixed a problem where users could not add a host to the FIM. The updated FIM configuration now correctly detects agents, allowing seamless addition of hosts.

Note: These fixes primarily affect users with a significant number of endpoints (1,000 or more). The update ensures a more reliable and efficient experience for managing large-scale environments.


XDR Version 2.3.20

29 July, 2024

XDR Version 2.3.20 brings several bug fixes and performance improvements, particularly for on-premises servers operating with a large number of connections (up to 10,000 agents).

Key improvements in this version include:

  • Enhanced dashboard queries for easier navigation through the dashboard screen.

  • Reduced high CPU usage caused by unoptimized user interface queries.

Additionally, this update resolves an issue with license usage count for agents that were uninstalled. Some clients experienced continued license usage even after agents were removed. From version 2.3.20 onwards, the system automatically detaches a license once an agent is uninstalled, allowing it to be reused for other endpoints.

Lastly, version 2.3.20 integrates a new agent version (2.3), which includes several bug fixes. Detailed release notes for the latest agent version can be found here.


XDR Version 2.3.19

11 July, 2024

XDR Version 2.3.19 includes performance optimizations for larger companies with up to 10,000 devices operating and reporting events.

  • Significantly improved Inventory queries, including Inventory, Asset Management Reports, and all related Inventory queries.

  • Enhanced performance for all Vulnerability queries on the Wall, including counters and the Vulnerabilities panel with hosts.

Additional Bug Fixes:

  • Fixed the time-picker in the Date-range-picker.

  • Adjusted support for agent policy rules, including the ability to delete "unknown rules".


XDR Version 2.3.18

1 July, 2024

This version mainly includes API support for the folder/file exclusion feature, starting from AG.AI version 2.2.

In addition to the API support, the new version includes the following enhancements:

  • For servers reporting to the cloud, modified the Event Prioritization Mechanism to ensure the most important events are sent before the less important ones. For example, using this logic, Attack Hunter events will be sent before Forensics events when both have the same timestamp.

  • Added an option to test the connection of a Cloud URL (see Release Notes 2.3.13 for reference) before going live.

Version 2.3.18 also addresses the following bugs reported by customers:

  • Fixed an issue where the Network Inventory report failed to download ("Failed to download PDF report").


XDR Version 2.3.17

20 Jun, 2024

Version 2.03.17 resolves a critical issue affecting the Agent's functionality, specifically addressing the persistent UI Connection pop-up problem reported by our customers.


XDR Version 2.3.16

8 Jun, 2024

XDR Version 2.3.16 introduces significant enhancements and updates to the Attack Hunter engine, now capable of detecting a wider range of malicious network activities such as shellcode injection, post-exploitation enumeration, suspicious file transfers, and critical vulnerability exploits.

Additionally, the new ruleset has refined the FIM alert mechanisms to minimize false positives.

For a comprehensive and detailed view of the newly added rules, please refer to the following link.


XDR Version 2.3.14

1 June, 2024

XDR Version 2.3.14 includes API support for the new AG.AI version 2.1.1.4.


XDR Version 2.3.13

21 May, 2024

The update introduces an option for clients operating CYFOX in their own data centers to configure which cloud server (data center) they want to connect to.

By default, the connection is set to cloud.cyfox.com, but clients can change this to report to their own data center.

Please note that this configuration only affects the reporting mechanism and does not impact other functionalities, such as licensing, which will still be managed through cloud.cyfox.com.

To change the cloud URL, the admin user of the XDR server should go to the "System Settings" menu item and select the "Maintenance" tab. In the "License Information" panel, choose the last item (Cloud URL) and configure it manually.

In addition, the new version has resolved the following bugs:

  • Resolved the issue causing the Network Inventory Report to fail to load.

  • Fixed the failure to check for attacks notification, caused by connectivity issues.

  • Fixed the "Country" field display issue in the System Settings tab.


XDR Version 2.3.12

24 Apr, 2024

The update introduces a new feature designed for Cloud-Only clients, enabling them to manage and create new users, download agents, and update their company information details independently, without requiring access through the parent MSSP/Distributor account. For additional information, please refer to the following guide.

Additional Bug Fixes & Enhancements Implemented in Core Version 2.03.12

  • Resolved geographical display issues in the Threats Geo Map

  • Corrected data display issues in the OS Report

  • Addressed data display issues in the Hosts Report

  • Fixed date range filtering problems in the Reports Panel

  • Updated Help Center and Documentation Links


XDR Version 2.3.10

17 Mar, 2024

The latest version now supports client local time zones, moving away from the universal time clock used by CYFOX servers. It automatically detects the server computer's local time and adjusts all data, including logs, alerts, and reports, to operate in accordance with this local time setting.

Lastly, this version includes significant bug fixes, particularly focusing on enhancing the reports mechanism, resolving FIM Configuration issues, and improving the "Apply Changes" functionality.


XDR Version 2.3.9

15 Jan, 2024

XDR version 2.3.9 includes enhancements focused on the Attack Hunter engine. This update brings forth a series of improvements and additions to identify additional MITRE ATT&CK techniques.

  • Incorporation of 7 new "network malware" techniques.

  • Addition of a novel "Unauthorized Access" technique to identify malware infections on both network and host levels.

  • Updating of the "Information Leak" technique to detect DHCP Spoofing/MITM attacks.

  • Integration of 7 new Artificial Intelligence IOCs into the Attack Hunter.

  • Revision of 2 "External Device Manipulation" techniques to detect suspicious USB actions.

  • Enhancement of 15 "Persistence" techniques in the Attack Hunter, aiming to reduce false positive alerts and improve overall security.

  • Introduction of a new "Deobfuscate/Decode Files or Information" signature to the Attack Hunter.

  • Updating of 20 "Defense Evasion" techniques to elevate security measures.

  • Introduction of 6 new "Discovery" techniques to the Attack Hunter.

  • Addition of 2 new "Proxy" techniques to the Attack Hunter, specifically geared towards the detection of advanced attacks and malware.

  • Refinement of 3 "Lateral Movement" techniques to reduce false positive alerts.

  • Updating of 5 "Execution" techniques to minimize false positive alerts and enhance accuracy.

Additionally, this version addresses critical bug fixes and performance issues, including:

  • Resolution of Attack Hunter configuration issues.

  • Addition of timezone conversion to the client’s timezone and date formatting based on client system preferences.

  • EDR Support Extension in the UI.

  • Resolution of USB Policy design issues and bugs.

  • Addition of Google Captcha to the "Forgot password" page.

  • Fixing the "Apply changes" button issue.

  • Query optimization for Forensics Host/User events query.

  • Resolution of the issue preventing page changes inside Host Services.
