September 13, 2020 Service Pack
The following Service Pack versions were released:
Versions (Sensor and Server) |
|---|
19.1.261 19.2.161 |
The tables below describe the enhancements, fixed issues, and changes included in each version.
The Versions column indicates the versions that include the fix.
The Required Update column indicates if the fix requires sensor/server update.
IMPORTANT: If you want to upgrade your servers to this version, we recommend that you upgrade all components - Registration server, Detection servers, and WebApp server - to this version.
Enhancements
Issue |
Area |
Description |
Versions |
Required Update |
Sensor OS |
|---|---|---|---|---|---|
CYBR-33749 |
Detection |
We have added a detection rule to detect use of the Overpass the Hash attack technique. You can use the Overpass the Hash evidence to search for use of this technique. |
19.2.161 |
Server |
N/A |
CYBR-33887 |
Endpoint Detection |
Within the evidences for Malops, we have updated the terms ‘blacklist’ and ‘whitelist’ to ‘blocklist’ and ‘allowlist’ respectively. |
19.1.261, 19.2.161 |
Server |
N/A |
Fixed issues
Issue |
Area |
Description |
Versions |
Required Update |
Sensor OS |
|---|---|---|---|---|---|
CYBR-34108 |
Detection |
Machine isolation actions were displayed as ‘Pending’ within the UI, however the machine was successfully isolated. As a result, it was not possible to unisolate the machine from the UI. This issue has been resolved. Now you can unisolate a machine when the isolation action is in a pending state. |
19.1.261, 19.2.161 |
Server |
N/A |
CYBR-31100 |
Detection |
An error in the Malop report resulted in Malop email notifications not being sent. This issue has been resolved. |
19.1.261, 19.2.161 |
Server |
N/A |
CYBR-25852 |
Investigation |
On the Investigation screen, values in the ‘OS version’ and ‘Platform architecture’ columns contained underscores instead of dots or spaces. This issue has been resolved. |
19.1.261, 19.2.161 |
Server |
N/A |
CYBR-34190 |
Sensor Management |
In deployments with large numbers of sensors, an error in the data gathering process for exporting sensor data to CSV resulted in partial data being included in the CSV. This issue has been resolved and the CSV file contains the full data. |
19.1.261, 19.2.161 |
Server |
N/A |
CYBR-34688 |
Sensor Management |
On the System > Sensors screen, if Cybereason Data Infrastructure is enabled, the default operator within the search bar was set to ‘is’. This issue has been resolved and the default operator is set to ‘contains’ instead of ‘is’. |
19.1.261, 19.2.161 |
Server |
N/A |