Lastline Defender and Analyst Hosted Release Notes

Version 2020.10

Distribution Upgrade

Lastline Sensor version 1220 was the final version that supported Ubuntu Xenial as the operating system distribution. A successful upgrade to 1240 requires Ubuntu Bionic.

You can check the distribution in use by an appliance in the Appliance Status view of the portal. The "Base Distribution" listed should be "bionic". If it is "xenial", upgrade the appliance distribution while still running sensor 1220, then upgrade the sensor version to 1240.

The upgrade of the distribution will require a reboot and may take up to an hour to complete. The distribution upgrade is not done automatically to prevent unexpected downtime. For instructions and support regarding the upgrade, please refer here.

New Features

  • Implement web app dark theme
  • Limit artifact downloads for PAPI
  • Rename Lastline Enterprise to Lastline Defender on ISO Downloads

IMPLEMENT WEB APP DARK THEME

This release provides a dark theme option for the web UI. This new feature was tracked internally as FEAT-6378.

LIMIT ARTIFACT DOWNLOADS FOR PAPI

With this release we are introducing limitations on the ability to download artifacts. If you have questions about this change, please contact the support team or your Lastline sales representative for further assistance. This new feature was tracked internally as FEAT-6360.

RENAME LASTLINE ENTERPRISE TO LASTLINE DEFENDER ON ISO DOWNLOADS

In this release, Lastline Enterprise installers have been replaced with Defender Limited. Customers with an active Enterprise license can move to Defender Limited. Contact Lastline technical support for details. This new feature was tracked internally as FEAT-6095.

Detection Improvements

  • LLAM-6654: Improved detection of XLSB threats.
  • TRES-1526: Improved static detection of archive-bombs.
  • LLAM-6669: Improved detection of information-stealing malware.

Bug Fixes and Improvements

  • FEAT-6505: The TLS version and the cipher suite used in a TLS session are now exposed in TLS records accessible via the Network Explorer page.
  • PLTF-2118: Fix issue with Active Directory integration on Bionic sensors.

Deprecation of APK analysis support

As announced previously, this release deprecates support for the analysis of Android files for malicious content.

Deprecation of macOS dynamic analysis support

As announced previously, this release deprecates support for dynamic analysis in macOS operating systems. We continue to analyze the macOS files that are likely to compromise systems, as well as PDF and Word documents that can impact macOS. For additional details, please contact Lastline Support.

Deprecation of Windows XP analysis environment

With this release we announce our intent to deprecate support for analysis in the Windows XP operating system in our next hosted release (2021.1). Most malware explicitly targeting Windows XP environments will still be detected using other analysis environments, analysis techniques and analysis of dormant code.

Deprecation of API Methods

The Lastline API documentation includes a deprecation schedule for deprecated Portal API methods, as well as information on how to replace usage of these deprecated methods with supported methods.

Released Appliance Versions

As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Defender Hosted:

  • Lastline Sensor version 1240