Release Notes Content 4.10.0
- Sudoers File Modified: Enhanced detection of modifications to the sudoers file.
- New Script Executed, New Script Executed in Container: Enhanced detection of new scripts being executed, complementary to new files being executed.
- Kernel ROP: Core detection of kernel return-oriented programming (ROP), which can be used as part of a kernel exploit.
- Unprivileged Unshare: Enhanced detection of non-root programs creating new namespaces, which can be used as part of kernel exploits.
- Coverage Drop Detected: Audit-level notifications when a drop in coverage is detected due to high system load.
- Fixes potential false positives in the Remote Access Tool Download policy.