CyberCNS Release Notes -2023

• Added View evidence install date, Last Vulnerability scanned time & identifying number under Remediation Plan for both Global and company view.

• Added View evidence install date, Last Vulnerability scanned time & identifying number under Remediation Plan for both Global and company view.

Bug Fixes:

• The ticketing and alerting side of the HaloPSA Integration issue Fix.

• The PII scan unavailable for IT admin roles across all companies, including restricted ones issue Fix.

Bug Fixes:

• HaloPSA Integration Ticket Blank issue Fix.

• Lightweight Agent not performing a vulnerability scan issue Fix.

• Incorrect Vulnerability under Unquoted Service Path issue Fix.

• The Global View dashboard shows the company but does not appear in the company dropdown issue Fix.

• Migration from On-Prem to SaaS Hosting issues Fix.

• After a full sync, MAC addresses were not displayed for duplicate assets, and IPMI devices appeared as a single asset in the company dropdown issue Fix.

• CyberCNS Agent 2.2.1 is released with below Fixes:

1. Added ConnectSecure V4 agent updation.

2. Added ConnectSecure V4 agent restart.

3. Added V4 agent updation in case of network issue.

Bug Fixes:

• The application baselines are not being detected correctly for the new customer issue Fix.

• The Citrix application is recognized as genuine software but with the wrong version in remediation plan issue Fix.

• The Vulnerability Assessment Anomalies issue Fix.

• Timeout Error When Snoozing/Suppressing Vulnerabilities issue Fix.

• In Remediations plan Not Remediating Microsoft old DB Driver issue Fix.

• Added patch message inclusion in notes when a ticket is created and closed under ConnectWise.

Bug Fixes:

• Screen Connect vulnerability listed issue Fix.

• Java JRE vulnerability – Remediated issue Fix.

• Automatic External Scan taking longer time issue Fix.

• Graphs in the internal vulnerability report for the Report Builder Beta- addressing count and percentage match issue Fix.

• Added EPSS data in the Pending Remediation EPSS Score Reports (xlsx).

• Added Secure Boot status in the Asset Report.

• Added Secure Boot status in the Asset Report.

• Added the security report card by bold text for both white and dark modes.

Bug Fixes:

• The vulnerability(CVE-2023-35349) Microsoft Message Queue (MSMQ) server issue Fix.
  
  

Bug Fixes:

• The remediation plan at the global level is lacking entries for certain applications issue Fix.

• The .NET application has been updated however, the remediation plan still reflects older vulnerabilities issue Fix.

• Kaseya BMS Integration issue Fix.

• Error occurs when attempting to Snooze/Suppress Vulnerabilities issue Fix.

• Detection of Vulnerabilities in Ruckus Wireless issue Fix.

• Login errors (401/403) encountered by users with customized roles issue Fix.

Bug Fixes:

• The remediation plan at the global level is lacking entries for certain applications issue Fix.

Bug Fixes:

• Backup software creates the duplicates issue Fix.

• External scan found the older CVE that does not have the fix version issue Fix.

• The Asset Column is absent in the Remediation Plan issue Fix.

• False Positive Alert for Asset Creation on Hyper-V Host issue Fix.

Bug Fixes:

• Backup software creates the duplicates issue Fix.

• External scan found the older CVE that does not have the fix version issue Fix.

• Vulnerabilities continually append the same ticket number issue Fix.

• The Asset Column is absent in the Remediation Plan issue Fix.

• False Positive Alert for Asset Creation on Hyper-V Host issue Fix.

• Report Unable to Close Evidence Window on Remediation Screen issue Fix.

• Added the last logon user to the Remediation Plan under Assets evidence details for Company View and Global View.

• Added the last logon user to the Remediation Plan under Assets evidence details for Company View and Global View.

• Added support to scan all the jQuery vulnerabilities along with the versions for the external scan.

• Added Ruckus Wireless Vulnerability Detection.

• Added to send an email notification to the registered email every 30 minutes, If a user logs in through SSO.

Bug Fixes:

• Keybase and telegram false positive vulnerability Fix.

• The issue with date-based filtering for Internal Vulnerability Reports and Asset Vulnerability Reports Fix.

Bug Fixes:

• Active Assets Tab Generating 500 Errors in Firewall Scan issue Fix.
  
  

• Added option to select multiple companies in CyberCNS SES Email during company mapping.

• Added the Online/Offline status of an agent in the Remediation Plan Assets details.

Bug Fix:

• Removed applications still showing under remediation plan though removed from Application Baseline issue Fix.

• Added option to select multiple companies in CyberCNS SES Email during company mapping.

• Added the Online/Offline status of an agent in the Remediation Plan Assets list.

• Added an option to Select Status for Ticket Updates in the Integration profile under Halo PSA Integration.

• Added an option to Select Status for Ticket Updates in the Integration profile under Halo PSA Integration.

• Added Installed Drivers in Asset Inventory Overview for Windows.

• Added the last vulnerability scan time stamp in the remediation plan evidence both at the Company View and Global View.

• Added Installed Drivers in Asset Inventory Overview for Windows.

• Added the last vulnerability scan time stamp in the remediation plan evidence both at the Company View and Global View.

• Added a drop-down to Exclude Companies in the Global level Remediation Plan.

Bug Fix:

• The error related to the large data reported in PII documents in both DOCX and XLSX formats issue Fix.

• Scheduled reports SES email changed to notifications@connectsecure.com.

• Added a drop-down to Exclude Companies in the Global level Remediation Plan.

CyberCNS Agent 2.1.9 is released with below Fixes:

1. Skipping Oscap scan for both Linux lightweight agent scan and SSH scan.

2. Fixed lightweight agent scan to default 12 hours if scheduler is set for for more than 12 hours.

3. Added code to clean up the netatemp directory if any files are there for more than 60 minutes. Verified _MEI*Temp folders created in windows/system32/netatemp or /windows/Temp/ location.

4. Full scans not Including all assets Fix.

5. Added SUSE Linux OS scanning and vulnerabilities support.

Bug Fix:

• Asset search not working issue Fix.

• Added Remediation by EPSS score-15 days pie chart, Remediation by EPSS score-3 days pie chart, Remediation by EPSS score-30 days pie chart under Report Builder ( Beta) for Remediation plan block.

• Added Patch Job Status Pie chart, Patch Job Status-30 days Pie chart under Patch Status of Report Builder beta.

• Added Remediation status and Vulnerability Summary graphs under Report Builder beta.

• Added Disable option for Default Tags both at Company and Global Level.

• Untangle Firewall integration renamed to Arista Firewall.

• Added Other Assets reports in xlsx format.

Bug Fixes:

• Connectwise Ticket auto closing issue after it’s remediated Fix.

• Even after the Applications were remediated it was shown under pending issue Fix.

• In Installed Patches, KBs will be redirected to the Microsoft Catalog for additional details on the respective KBs.

• Added Disable option for Default Tags both at Company and Global Level.

• Untangle Firewall was renamed to Arista Firewall.

• Removed source type Filter in PII scan Results- Beta.

• Modified the agent installation script specifically for Mac.

Bug Fix:

• Group by Fix issue under Remediation Plan Action Fix.

• Added default_snmp_community Vulnerability in Network Scan Findings.

• Added Delete option to delete Other Assets under Other Assets.

• Added Delete option to delete Other Assets under Other Assets.

• Added external scan alerts if grade downgrades from A.

• Added the Last Logon User column in Pending Remediation EPSS Score Reports under Remediation Plan Reports in PDF, doc, and Excel formats.

Bug Fixes:

• Discovery settings now are shown in Network scan findings Fix.

• Internal vulnerabilities report can download particular month data Fix.

• Added Windows 11 compatible check docx report.

• Added SNMP scan and firewall scan job status download report in the job section.

• Added a new column in the remediation plan xlsx report.

• Added an automatic private note for any update on the ticket under Halo PSA Integration.

Bug Fixes:

• Inconsistent patch jobs to job status Fix.

• Group by fix - integration action and snooze activate Fix.

• CVE-2023-36036 not showing the base and exploit score issue Fix.

• Internal vulnerability data was shown in the incorrect report issue Fix.

• Group by fix - integration action and snooze activate Fix.

Bug Fix:

• Secure boot status Fix.

Bug Fixes:

• PII scan report issue Fix.

• In the remediation plan after updating to the latest version still recommend old version issue Fix.

Bug Fixes:

• Filter and Search option in Kaseya(Post_Jan2022) issue Fix.

• Application baseline deleted entries are still listed under the remediation plan issue Fix.

• Application baseline duplicates issue Fix.

• WordPress plugins are not discovering through external scan issue Fix.

• Added new Overall Summary Report under Standard Reports> Vulnerability Reports.

• Added a new column login method in Users.

• Added New Pending Remediation EPSS Score Report" and " Remediated EPSS Score Report" under Remediation Plan Reports.

• Added indication of what period/month the report is for in the executive summary report.

Bug Fixes:

• 3rd party patching application issue Fix.

• Patch Job pending Status issue Fix.

• In HaloPSA, once the ticket closes, if there are any alerts related to the same ticket, it will reopen the issue Fix.

• New user activation email template issue Fix.

• In the standard Executive Summary Report- docx format, the risk grade is not displayed issue Fix.

• Added a new column login method in Users.

Bug Fixes:

• Patch Job pending Status issue Fix.

Bug Fixes:

• The asset name shows in the description but it doesn't link the asset with the ticket issue Fix.

• Creating multiple duplication assets in AutoTask issue Fix.

Bug Fixes:

• The asset name shows in the description but it doesn't link the asset with the ticket issue Fix.

CyberCNS Agent 2.1.8 is released with the below Fixes:

• Server Busy error under External scans issue Fix.

• PII Scan for path exclusion issue Fix.

• Templates Download for Windows issue Fix.

• Mac agent multiple cybercns.deamon running under agent issue Fix.

• PII scan for multiple drives, the results was not populating with all scan counts issue Fix.

• Scheduled scan trigger when the lightweight agent is offline issue Fix.

• Multiple Firewall assets scan issue Fix.

• It removes the PAExec binary, but CyberCNS_DissolvableAgent.exe remains in the C:\Windows directory issue Fix.

Bug Fixes:

• The application baseline rule was edited to remove the application name, but the deleted application is still being reported under the remediation plan issue Fix.

• The deleted application baseline rules is still reporting under the remediation plan issue Fix.

• The CVE’s for zoom application issue Fix.

• Added scan date to all PPTX files in Export Vulnerability Overview report .

• Added New CloudRadial Integration for Report Integration.

Bug Fixes:

• The lightweight agent scheduler is being subjected to external scans jobs issue Fix.

• In RemediationPlan report(Xlsx), all tabs using CVE remediations the Asset names are missing issue Fix.

• Vulnerability bug for Forticlient, Microsoft S/MIME, Splashtop streamer, Oracle Firefox, Microsoft – Cloud, Computers, Apps & Gaming Framework 4.8 issue Fix.

• Chocolatey Name mismatch in the Citrix workspace and CIsco Webex issue Fix.

• Added New CloudRadial Integration for Report Integration.

Bug Fixes:

• The Last AD Scan Time is not displayed based on the latest synced data issue Fix.

• In Active Directory Scan, the Last AD scan time is updated based on the user's table issue Fix.

Bug Fixes:

• External Scan Configuration addition not saving issue Fix.

• Added Time Elapsed under the view column in patch jobs for ConnectWise Manage Integration & Auto Patching.

• Added Web Installer format under Lightweight agent For Windows Operating System in Probe/Agent.

• Added Time Elapsed under the view column in patch jobs for ConnectWise Manage Integration & Auto Patching.

• Added Web Installer format under Lightweight agent For Windows Operating System in Probe/Agent.

Bug Fixes:

• Asset name with the numeric value issue Fix.

• In Standard Reports reports data limit increased Fix.

• Added FileVault-encrypted status in storage for Mac under Asset Inventory Overview.

Bug Fixes:

• Inconsistent table view results and search not working for Active Asset issue Fix.

• Getting a 403 error when clicking the Autotask default template issue Fix.

• Added FileVault-encrypted status in storage for Mac under Asset Inventory Overview.

• Added AD Audit login Failure under AD audit Block in Report Builder(Beta).

Bug Fixes:

• Azure AD Licenses below, were under wrong category of licenses. These are added to free licenses: 'SMB_APPS', 'POWER_BI_STANDARD', 'TEAMS_FREE', 'POWER_BI_STANDARD_FACULTY', 'POWER_BI_STANDARD_STUDENT', 'FLOW_FREE', and 'TEAMS_EXPLORATORY' issue Fix.

• Added the EDR application settings we are supporting for the services.

Bug Fixes:

• SAML Authentication fails to redirect to the portal issue Fix.

• Critical Applications Summary tile count mismatch issue Fix.

• ConnectWise Manage Ticket Integration malfunction issue Fix.

• Added the last logon user's column under the remediation plan xlsx report.

Bug Fixes:

• Patch icon missing under remediation plan pending status for Microsoft Teams and Dell support assist issue Fix.

• Suppress vulnerability days for Microsoft patches issue Fix.

• Pending job for the offline agent scheduler in auto patch issue Fix.

• Changed GPO linked and nonlinked query in reports issue Fix.

• Application Baseline issue Fix.

• Removed GPL Ghostscript from the auto patch list issue Fix.

• Added a new event as Asset Credential Scan Failed under the Asset category event set.

Bug Fixes:

• Disable MySQL Command History CIS issue Fix.

Bug Fixes:

• Automated Remediation Ticket Flow, Initial description added to the ticket issue Fix.

Bug Fixes:

• Automated Remediation Ticket Flow, Initial description added to the ticket issue Fix.

• Added disclaimer, when downloading the Compliance Remediation.

Bug Fixes:

• Mismatch data in the Executive Summary and Assessment Report differ in the OS Breakdown issue Fix.

• Missing asset user data under report builder issue Fix.

Bug Fix:

• Application Baselines not showing up in the Remediation Plan section issue Fix.

• Report builder AD Audit report download issue Fix.

Bug Fixes:

• Import companies in integration issues Fix.

• Active asset filter view issue Fix.

Bug Fixes:

• The daily report limit on performance issue Fix.

• Added Scheduler Name column for External Scan jobs.

• Added a Scheduler Name column for External Scan jobs.

Bug Fixes:

• The affected assets for CVE-2016-2183 were not showing in Search CVE from the Master database issue Fix.

• Added Notification on Azure AD sync failure.

Bug Fixes:

• Application Baseline is not showing up in the Remediation Plan section issue Fix.

• Compliance report card issue Fix.

• The Scan Scheduler does not trigger Issue Fix.

Bug Fixes:

• Active Directory Reports were not showing complete data issue Fix.

• Unique count in AssetReport issue Fix.

• Added the option to Enable or Disable auto-play within the secure configuration of the Cyber Essentials.

• Added the option to Enable or Disable auto-play within the secure configuration of the Cyber Essentials.

• Added dashboard called CISA Dashboard at Global and Company level.

• Added Probe Performance Management to the Global-View settings.

• Added Probe Performance Management to the Global-View settings.

Bug Fixes:

• The top 5 vulnerabilities are listed according to their severity of risk score issue Fix.

• Added a Date Filter in the standard report section.

• Added International date and time formats for reports.

• Added Delete option for PII scan results.

Bug Fixes:

• When the asset is modified - the same has been applied when viewed from the table view issue Fix.

• Added Delete option for PII scan results.

Bug Fixes:

• When the asset is modified - the same has been applied when viewed from the table view issue Fix.

• Added a date filter in the standard report section issue Fix.

Bug Fix:

• HIPAA Compliance Duplicate Titles issue Fix.

• Added CISA vulnerability report in Docs & Xlsx format under the Standard Reports section.

Bug Fix:

• Data discrepancy issue in report scheduler Fix.

Bug Fixes:

• When scheduling an auto patch scheduler for an agent, if the agent becomes offline, the scheduler will automatically pause. Upon the agent's return to an online status, the scheduler will resume patching issue Fix.

• The issue with the search option in the table view under active assets being case sensitive Fix.

• Any sheet with more than 15k rows will generate one CSV for each sheet and provide the zipped folder for download under Standard Reports, and Report Scheduler.

Bug Fixes:

• Error in report execution failed when few reports were being downloaded issue Fix.

• External scan scheduler issue Fix.

• Added Azure Active Directory block under Report Builder.

Bug Fix:

• External Scan Dashboard data not reflected issue Fix.

Bug Fixes:

• If a company applies a compliance filter to one of its assets, it typically means that the same filter is used for all of the company's assets, but sometimes it might affect assets in other companies issue Fix.

• Scan scheduler scans using Tags should run for only selected discovery settings tags.The scan will trigger only for those included tags (IPs or domains) issue Fix.

• Added Compliance Benchmark in the Compliance Summary.

• Added Deprecated Asset Retention Period in both Global level and Company level.

• Added appropriate error message when a patch job failed.

• Added Choose Agent Type filter under active assets.

• Added Deprecated Asset Retention Period in both Global level and Company level.

• Added Risk Score historic trends to the Risk Score Card Dashboard for both Global and Company levels.

Bug Fix:

• In the Global View> Auto patch scheduler, if a company has been deleted, no error message is generated Fix.

• Added Patching by company dashboard for the Global level.

• Added CISA Dashboard for both Global and company levels.

• Added remediation and vulnerability if Powershell 2.0 is enabled.

• Added Compliance Security Report Card to the Security Report Card Dashboard at Company level.

• Added Patching by company dashboard for the Global level.

• Added CISA Dashboard for both Global and company level.

• Added Compliance Security Report Card to the Security Report Card Dashboard at Company level.

Bug Fix:

• Only Admin has access to change Fav Logo and Fav Icon Fix.

• Customising Asset Report by manually changing the asset name.

• Added NYDFS(New York State Department of Financial Services) Compliance assessment under Compliance Assessments.

Bug Fixes:

• If there is no data available, the Network Scan Findings will show no information Fix.

• Azure AD CSP Integration Fix:

  1. Token expiry re-authentication issue Fix.

  2. Changed admin consent authentication copy link.

• Added NYDFS(New York State Department of Financial Services)Compliance assessment under Compliance Assessments.

CyberCNS Agent 2.1.7 is released with the below Fixes:

1. Added the option to enable and disable Active Directory (AD) machine audit scans under company-level settings.

2. Fixed the issue with HTTP security header vulnerability sections, which previously displayed all security headers if there was at least one security header.

3. Implemented a solution for missed Lightweight agent scans due to the unavailability or shutdown of lightweight agents; now, it will initiate a force scan when the agent comes online.

4. Introduced a new vulnerability category for temporary SSL certificates.

5. Implemented a retry mechanism for patching when unable to reach the Chocolatey server; it will attempt to obtain patch applications from the global Chocolatey repository.

6. Added two new compliance-related functions.

• Added Executive Risk Summary, Company Level Risk Score, Remediation Resolved in 30 days, Operating System Breakdown, Security Report Card Summary, Company Grade, Vulnerability Assessment: Top 5 Vulnerabilities, Security Report Card Summary, OS Breakdown, Top 5 patches, Remediation Summary For last 30 days, Compliance Report Card Summary in Assessment Report.

Bug Fix:

• In Active Asset Vulnerabilities Report, suppressed vulnerability is shown is another tab.

• Added Set Date Format under Global level Settings.

• Added Set Date Format under Global level Settings.

Bug Fix:

• For PSA ( ConnectWise & Autotask), Configuration is Enabled Create a Ticket issue Fix.

Bug Fix:

• Azure AD CSP licenses count mismatch issue Fix.

• Added HIPAA (Health Insurance Portability and Accountability Act) Compliance assessment under Compliance Assessments.

• Added FADP (Federal Act on Data Protection) Compliance assessment under Compliance Assessments.

• Added HIPAA(Health Insurance Portability and Accountability Act) Compliance assessment under Compliance Assessments.

• Added FADP (Federal Act on Data Protection) Compliance assessment under Compliance Assessments.

• Added option to enable the critical and high event set option while also having the "EPSS greater than X score" even set option enabled at the same time.

• Added option to enable the critical and high event set option while also having the "EPSS greater than X score" even set option enabled at the same time.

CyberCNS Agent 2.1.6 is released with the below Fixes:
1. Added remediation for Linux vulnerabilities if USN or fixes available for the vulnerable software.
2. Added linked GPO fixes.
3. Codename Fix for Linux and Mac.
4. Vulnerability scan optimized for Linux.

• Changed the response from "Settings Not Found" to "Settings Not Found /Agents Offline".

Bug Fixes:

• EPSS score exact value is visible under active assets > Remediation Plan.

• Changed the response from "Settings Not Found" to "Settings Not Found /Agents Offline".

Bug Fixes:

• EPSS score exact value is visible under active assets > Remediation Plan.

• Error popup message changed for Roles naming Fix.

• Added HIPAA Compliance for MAC.

• Remediation filters- can select two options now (Alerting) Remediation filters- can able to select two options now (Alerting)

• Added pdf and xlsx report formats for Risk Score by Assets report.

• Remediation filters- can select two options now (Alerting) Remediation filters- can able to select two options now (Alerting)

• Added pdf and xlsx report formats for Risk Score by Assets report.

• Added Description Keys [remediationhost.ip, remediationhost.mac, remediationhost.serial_number, and remediationhost.host_name] under Ticketing templates.

Bug Fix: