Version 7.13.4
This release is a detection update. As such, no features are added, changed, or removed.
Detection Improvements
- Improved file analysis
- Improved URL analysis
Improved file analysis
We have made improvements to the file type detection logic of various formats, including:
- Data/scripts embedded in documents.
- Microsoft Powerpoint Slideshows.
- MSI installer packages.
Additionally, we have made enhancements to the detection of
- Stalling activity using system utilities.
- Download activity using system utilities.
- EPS-based document exploits.
- ROP-based document exploits.
and made corrections to the extraction of Macro content as well as URLs embedded in Microsoft Office documents.
Improved URL analysis
We have also made enhancements to our ability to identify threats via our URL analysis. This includes:
- Improved robustness of the instrumented browser.
- Improved detection of downloads via the "Content-Disposition: attachment" response header.
Deprecation of API methods
No additional methods of the legacy API (/ll_api/ll_api) are being deprecated or removed in this version.
The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.
Released appliance versions
As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Enterprise On-Premises:
- Lastline Manager version 722
- Lastline Engine version 722
- Lastline Sensor version 717.3
- Lastline All-in-one (pinbox) version 722