v3.62.0
github-actions
released this
21 Mar 21:41
·
5877 commits
to develop
since this release
New Analytic Story
- CVE-2023-21716 Word RTF Heap Corruption
- CVE-2023-23397 Outlook Elevation of Privilege
New Analytics
- Okta Mismatch Between Source and Response for Okta Verify Push Request
- Okta Multiple Failed Requests to Access Applications
- Okta Suspicious Use of a Session Cookie
- Okta Phishing Detection with FastPass Origin Check
- Okta ThreatInsight Login Failure with High Unknown users
- Okta ThreatInsight Suspected PasswordSpray Attack
- Windows Rundll32 WebDAV Request
- Windows Rundll32 WebDav With Network Connection
Other Updates
- Updated
ransomware_notes.csv
andransomware_extensions.csv
files and transforms definition (thanks to @VatsalJagani ) - Updated playbook name to
CrowdStrike OAuth API Device Attribute Lookup
- Updated several analytics to integrate better with Enterprise Security