Release Notes August 2021
Release Date: 2021-08-26
Version: 4.30-10.0.el7
Important Notice for all HIAB customers
Last year we changed the way we handle encryption of HIAB backups to increase security, speed and reliability. This has been implemented for encryption and decryption of current backups, however we have kept the legacy decryption function to support older backups.
HIAB Backups have been using the new method since January 2021. If you have not performed a HIAB backup since January 2021, you should perform a backup to ensure that it can still be decrypted successfully if needed.
The legacy method of decryption will be removed in September 2021. If there is a potential issue with this, please contact Outpost24 Support.
New Features
Appsec SWAT
- Improved the change detection elements of the SWAT service, this means customer may see more findings being reported due to major changes in the applications web page / attack surface.
Appsec Scale
- Added finding for several types of Content-Security-Policy misconfigurations.
Netsec
Added VNC default credentials detection.
- Added Opengear version detection.
- Added Dell EMC OpenManage Enterprise detection.
- Added service detection for Checkmk.
- Added service detection for apcupsd.
- Added service detection for pop3pw.
Agents
- Win
- previous version: 1.12.3
- current version: 1.13.0
- previous version: 1.12.3
- current version: 1.13.0
- previous version: 1.12.3
- current version: 1.13.0
Note
We recommend all customers to update to the latest version of the agent. It contains bug fixes and other improvements.
More information on updating is available here: Installing Outpost24 Agents
Bug Fixes and Minor Improvements
- Fixed several agent issues linked with decryption.
- Fixed Data Sovereign setup.
- Fixed NSF bug in HIAB.
- Fixed SWAT false positive with Apache Coyote 1.1.
- Fixed scanning interval in reports .
- Fixed time zone schedules.
- Resolved issue where URL parameters in HTML bodies could be detected as Azure API keys.
- Added detection of a few TP-Link consumer broadband routers.
- Resolved issue where
`cat /proc/self/cgroup`
would run too often during authenticated SSH scans. - Resolved false positive where the H.323 protocol would be detected.
- Several internal performance and maintainability improvements in scripts and their libraries.
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.