ESET Threat Intelligence – Table of Contents

Release Notes

Copy current article URL Share via email

This article (PDF) Whole documentation (PDF)

This page displays the changelog for ESET Threat Intelligence (up to the last ten releases with the latest version on the top). See also the release dates and the latest versions of ESET applications and cloud solutions.

Version 2.4.1.0

•Removed: APT report upload to MISP

Version 2.4.0.0

•New: Dashboard

•Changed: The MISP access link moved to the APT Reports section

•Improved: Sample Reports relocated to the Threat Insights section

•Changed: TAXII Feeds renamed to Data Feeds

•Improved: YARA Rulesets, YARA Matches and Botnet Reports moved to the Early Warnings section

•Improved: Users, Approval Requests relocated to the Admin Settings section

•Improved: Access Tokens and Credentials moved from Profile to the Admin Settings section

•New: IoC search added as a preview feature to the Threat Insights section

•Added: New data feeds: PUA adware files and PUA dual-use app files

•Improved: Certificate and Targeted Reports merged as YARA Reports in the Early Warnings section

•Improved: User interface

•Improved: Bug fixes and improvements

Version 2.3.0.0

•New: APT tagging feature, enhancing users’ ability to track and analyze Advanced Persistent Threats (APTs) more effectively

•New: ESET AI Advisor streaming, which enables users to receive answers word by word in real time, eliminating the need to wait for the entire response to load

•Added: MISP UUID and Report Issue ID in APT Report Detail in the sidebar

•Added: Automatic disabling of unused YARA rulesets

•Added: Login button to account approval email notification

•Improved: Other bug fixes and back-end improvements

•MISP Tags:

oUpdated: tlp:amber to tlp:amber+strict

oAdded: New tags: Activity Report and Threat Report

oUpdated: MonthlyOverview tag to Monthly Overview

oUpdated: MonthlyDigest tag to Monthly Digest

•MISP Galaxies:

oUpdated: All MISP events were updated with ESET Threat Actor galaxies

•MISP Events:

oUpdated: PDFs will no longer be attached to events (as of May 2025); instead, a direct download link and API ID to the ETI portal will be provided within MISP fields

oUpdated: MISP victim objects:

▪Fixed: Typos in country names and verticals

▪Fixed: Objects where verticals were not in MISP victim object definition (https://github.com/MISP/misp-objects/blob/12c4d69bce296588e94715a559ab380ed99dc126/objects/victim/definition.json#L79)

▪Fixed: The issue where an event contains one victim object with multiple attributes instead of one victim object per victim/vertical

▪Events that did not have the victim object (before mid-2022) stay without the victim object

oFixed: Old MISP events info that did not respect the name convention

oFixed: Old Activity Summary did not have a Report event

oAdded: Monthly Digest extends the Monthly Overview that extends the Activity Summary and Technical Analysis of the month

oAdded: Old and recent Pre-Release (PRE) events

Version 2.2.0.0

•Added: TAXII server—9 new feeds (Android threats, Android infostealer, Cryptoscam, Malicious email attachments, Phishing URL, Ransomware, Scam URL, Smishing, SMS scam)

•Improved: TAXII server—APT feed performance improvement

•Added: Display the number of unread items in the menu

•Added: Filter for read/unread items (reports, YARA matches)

•Improved: Limit history length of chat conversation that is sent with each question in ESET AI Advisor

•Improved: UI for generation of TAXII credentials

•Improved: Other bug fixes and back-end improvements

Version 2.1.1.0

•Improved: Reports now contains also rename operations for the Windows registry keys

•Improved: Other bug fixes and back-end improvements

Version 2.1.0.0

•Added: ESET AI Advisor for customers with APT reports PREMIUM subscription

•Improved: Taxii feeds: Identity, Malware, DomainName, IPv4/IPv6Address, and Location SDO identifiers are unique for the same data. Uniqueness is guaranteed up to 30 days after the last object update

˄˅