2024-03-04 Release Notes (v5.7.0)

  • Updated

Announcements

Last chance to register for SO-CON!

SO-CON is just a week away, and we can't wait to see everyone! This is your last chance to register for a full-day summit of incredible speakers on March 11, followed by four days of training in several well-reputed courses!

Courses run March 12-15 from 9AM - 5PM ET:

  • Adversary Tactics: Detection
  • Adversary Tactics: Red Team Operations
  • Adversary Tactics: Tradecraft Analysis
  • *NEW* Azure Security Fundamentals

Find out more and register to join us: https://specterops.io/so-con/

Summary

  • BloodHound (v5.7.0)
    • New and Improved Features
      • Added support for AD Certificate Services ESC 6b / 9b / 10b Attack Paths
      • Reduced memory impact during data ingest
      • Improved performance on the Group Management view
      • Improved visualization of edges that begin and end at the same node
    • Bug Fixes
      • [BHE Only] Fixed an issue with Microsoft Graph App Role reconciliation
      • [BHE Only] Truncated exposure measurements to two decimal places on the Attack Paths view
      • Resolved several issues related to unexpected timeouts
      • Improved handling of invalid JSON during ingest
      • Creating custom asset groups no longer allows whitespace in the "tag" property
  • SharpHound (v2.3.5 - BHE, v2.3.2 - CE)
      • No new release.
  • AzureHound (v2.1.7)
      • No new release.

BloodHound (v5.7.0)

New and Improved Features

  • AD Certificate Services ESC 6b / 9b / 10b - AD Certificate Services Attack Paths are incredibly complex, with each escalation path containing multiple variations. Our first variation on an existing path set expands BloodHound's ability to identify ADCS Attack Paths within your environment. For BloodHound Enterprise users, these will automatically appear as Attack Path findings if present in your environment.
  • Reduced memory impact during data ingest - While applicable to both products, this change will be most noticeable to BloodHound CE users as data ingest now utilizes a streamed ingest parser, significantly reducing the amount of memory utilized during data ingestion.

    Our engineering team is actively pursuing support for ZIP file ingest, and expect to deliver that in our next release!
  • Improved visualization of edges that begin and end at the same node - Sometimes, a picture best describes a change!
  • Improved performance on the Group Management view

Bug Fixes

  • [BHE Only] Fixed an issue with Microsoft Graph App Role reconciliation
  • [BHE Only] Truncated exposure measurements to two decimal places on the Attack Paths view
  • Resolved several issues related to unexpected timeouts
  • Improved handling of invalid JSON during ingest
  • Creating custom asset groups no longer allows whitespace in the "tag" property

SharpHound (v2.3.5 - BHE, v2.3.2 - CE)

No new release.

AzureHound (v2.1.7)

No new release.