CYFOX Attack Hunter Engine Enhancement

Nov 2024

Written by Nir Yehoshua
Updated over a week ago

In response to recent developments and evolving threats, the CYFOX research team has significantly upgraded the Attack Hunter (Threat Hunter) engine, enabling it to detect approximately 100 new advanced attacks. These improvements are based on in-depth research and fine-tuned detection rules, ensuring that alerts for these newly identified attacks are triggered automatically, allowing for timely actions to prevent harm.

The updated Attack Hunter engine will be available to all cloud clients starting in November 2024 and to on-premises clients running version 2.03.28 or higher.

What's New

  • Nessus Scan Detection: Detects unauthorized Nessus scans with improved visibility.

  • Drupal Website Protection: Strengthened security for Drupal websites, preventing data manipulation.

  • Android Device Security: Enhanced protection for older Android versions against emerging vulnerabilities.

  • Netgear Router Security: Improved defenses against unauthorized access to specific Netgear routers.

  • XML System Protection: New safeguards for XML systems enhance data security.

  • Job Scheduling Security: Prevents unauthorized control of job scheduling systems, ensuring secure processes.

  • NodeJS Security: Strengthened protection for NodeJS systems against potential exploitation.

  • Amadey Malware Protection: Enhanced detection and blocking of Amadey malware, safeguarding sensitive information.

  • Lumma Stealer Detection: Improved defense against Lumma Stealer malware for stronger data protection.

  • Tenda Router Security: Increased security for Tenda routers, reducing unauthorized access risks.

  • Exploitation Attempt Detection: New rules leverage MITRE ATT&CK techniques to identify and block advanced attacks.

  • Fortinet Device Security: Enhanced protection for Fortinet devices, preventing unauthorized remote access.

  • Web Server DoS Protection: Improved defense against denial-of-service attacks, ensuring continuous server uptime.

  • Suspicious Downloader Detection: New rules identify and block suspicious downloads, reducing malware risk.

  • Spyware Detection: Strengthened spyware protection against unauthorized monitoring.

  • Info Stealer Protection: Improved detection of info-stealing malware for better data security.

  • WannaCry Ransomware Defense: Updated protection against WannaCry ransomware, keeping files secure.

  • Stealc Malware Detection: New defenses against Stealc malware, safeguarding sensitive information.

  • Cryptocurrency Mining Alerts: Introduced alerts for unauthorized cryptocurrency mining activity to prevent resource misuse.

These enhancements are part of CYFOX's continued commitment to keeping your systems safe and secure. Make sure your software is up to date to take full advantage of these new features and improvements.
