Use Case
Package Details
Enhancement
| Description | Issue ID | Reference ID |
|---|---|---|
| Added the following analytics: Alerts (to learn more, go to UseCases Alerts); KB-List (to learn more, go to UseCases Knowledge Base (KB) Lists). | KB-17065 | - |
Changes in the Previous Versions
The application now includes:
- New dashboard package AD PRIVILEGE ESCALATION CVE-2021-42278/87 to visualize Windows privilege escalation vulnerabilities.
- New alert packages Computer Account Creation followed by Suspicious Rename, Suspicious Computer Account Rename followed by TGT Request, and Suspicious Kerberos S4U2self Request to detect Windows privilege escalation vulnerabilities.
Enhancement
The new dashboard package LP_AntiMalware and the search template LP_Antimalware have now been added to visualize the AntiMalware events.
Enhancement
The LP_COBALT STRIKE dashboard package and the LP_Cobalt Strike Default Named Pipes Detected alert's query have been enhanced.
Enhancement
The application now includes the dashboard package LP_COBALT STRIKE and alert packages LP_Suspicious Process Execution Without DLL, LP_CobaltStrike Process Injection Detected, LP_Meterpreter or Cobalt Strike Getsystem Service Start Detected, and LP_Suspicious Share Pattern in Service to visualize and detect the Cobalt Strike malware. Also, the LP_Cobalt Strike Default Named Pipes Detected alert's query has been enhanced.
Enhancement
- The application now includes the dashboard LP_Print Nightmare and alert packages LP_Printer Driver Addition Detected, LP_Printer Plugin Load Failed, and LP_Suspicious Process Spawn by Print Spooler to visualize and detect the PrintNightmare vulnerability.
- New widgets have been added in the LP_CEO Fraud dashboard package.
Changes in UseCases v5.0.1
Enhancements
- The application now includes the dashboard LP_NOBELIUM EMAIL ATTACK CAMPAIGN and the alert rule LP_NOBELIUM Email-Based Attack Detected to visualize and detect recent email-based attacks from NOBELIUM.
- The application now includes the search templates LP_Threat Hunting and LP_Firewall, which provide an overview of threat and firewall activities respectively.
- Some obsolete dashboards, alert rules, and reports have now been removed from the application.
Support
If you have any queries or require assistance, please feel free to contact our support team:
Email: servicedesk@logpoint.com
Phone: +45 7060 6100
Best regards,