April 30, 2025
Submit false positives for web detections
New Feature
Submit false positives on websites ThreatDown detects as threats directly from within the console. With a few clicks from the Detection Center or from an endpoint's detection tab, create a submission for one or more Web Protection events directly to ThreatDown Research.
Features and Improvements
- No other improvements this release.
Issues Fixed
- No fixes this release.
April 29, 2025
Automatic isolation on critical severity suspicious activities
New Feature
Auto Isolation empowers users to configure automatic isolation for Windows, Linux, and macOS systems. With options for Networking Isolation and Process Isolation across all supported operating systems and Desktop Isolation specifically for Windows, users gain granular control over how to contain threats based on their severity and nature.
Improvement
Updated email design for ThreatDown Nebula
We've refreshed the design and content of emails sent from ThreatDown Nebula. Key enhancements include:
- Consistent look & feel: A modern, unified design across all email communications.
- Improved clarity: Refined text for easier understanding at a glance.
- Clear calls to action: More obvious next steps when required. This update ensures a smoother email experience.
- Improved aggregated emails: To enhance email readability and formatting, detailed event lists are no longer displayed in the email body and are now provided via an included downloadable CSV file.
Features and Improvements
- No additional features this release.
Issues Fixed
- NDEV-17770: Fixed an issue where the Nebula login page on the Malwarebytes domain was accessible and did not redirect to the appropriate ThreatDown domain.
- NDEV-18010: Fixed an issue that prevented the default block page for DNS Filtering from rendering.
- NDEV-18227: Fixed an issue that caused the preview for the default block page for DNS Filtering to be distorted.
- NDEV-18195: Fixed an issue that caused sorting on the Groups page to be case-sensitive.
April 25, 2025
Microsoft Outlook and Exploit Protection conflict
Hotfix
Temporarily disabled the Block potentially malicious email attachments protection policy setting and removed Outlook.exe as a protected application with Exploit Protection. This is to work around an issue with Outlook crashing and hanging. For more information and the latest updates on the issue, see Microsoft Office conflict with Nebula Exploit Protection.
Features and Improvements
- No improvements this release.
Issues Fixed
- No other fixes this release.
April 24, 2025
Browser Phishing Protection
New Feature
The Browser Phishing Protection extension is now available for Windows devices. This feature helps protect end users from web-based threats, including malicious domains, phishing attempts, ads, and tracking scripts, providing a more secure and seamless browsing experience. Currently, the extension is supported on Chrome, Edge, and Brave.
Improvement
Ransomware Risk Vulnerabilities
Ransomware Risk Vulnerabilities are a classification of vulnerabilities identified by Cybersecurity and Infrastructure Security Agency (CISA) as being actively used in ransomware campaigns. These vulnerabilities should be patched with priority as recommended by CISA, and are now flagged on the Vulnerabilities page in the:
- CISA Recommended column
- Quick filter at the top of the page
- Vulnerability slide-out details
Features and Improvements
- Added ability for users to have granular control over which endpoint(s) and/or group(s) trigger a specified notification. The endpoint and group conditions are available for Threat Activity and Endpoint Agent Activity notifications.
- Added ability to display and exclude Preview patches. Preview patches are optional, non-security updates released by Microsoft. For more information, see Preview of Monthly Rollup. This feature is rolling out over the next few months and requires Engine version 2.0.0.248 or later.
Issues Fixed
- No fixes this release.
April 15, 2025
OS Patch bugfix
Bug fix
Resolved multiple issues related to OS patches without a KB ID.
Features and Improvements
- No improvements this release.
Issues Fixed
- NDEV-12723: Resolved an issue where multiple unrelated patches displayed in the Patch Management slide-out when clicking on a patch without a KB ID.
- NDEV-12650: Resolved an issue where some patches without a KB ID could be missing from the endpoint details slide-out of the Endpoints page.
April 10, 2025
Policy bug fix
Bug fix
Resolved a bug with the last updated and updated by columns on the policies page.
Features and Improvements
- No improvements this release.
Issues Fixed
- NDEV-17094: Resolved an issue where all policies were updated with the same last updated information when a change was made to an item associated with a policy, such as an exclusion or DNS Filtering rule.
April 3, 2025
Various bug fixes
Bug fixes
Resolved bugs with OS patches, Security Advisor, aliases, and the APIs.
Features and Improvements
- No improvements this release.
Issues Fixed
- NDEV-16449: Resolved an issue where the Security Advisor score colors in the agenda didn't match the colors displayed in the chart for a "Very Good" score.
- NDEV-17934: Resolved an issue where endpoint aliases didn't display correctly in a Tasks Summary report.
- NDEV-18023: Resolved an issue where OS patches were not retrieved for endpoints.
- NDEV-18141: Resolved an issue where the /accounts/:accountId/endpoints API would not apply filters passed in the request body.