No stapp. Discussion continued over here - https://www.wilderssecurity.com/threads/what-is-deleting-this-registry-key.401430/ Thanks.
It depends a bit. It's the job of an AV to block malware from running at all, but once AV's get bypassed you need a second layer of defense and here is were behavior blockers, firewalls and anti-loggers come into play. Simply by blocking outbound connections, you can block lots of malware from achieving their end-goal. But when it comes to ransomware, you also need to monitor stuff like code injection and rapid file modification. I still think this should be made more clear on your website.
Good suggestion Rasheed, we are doing some redesign work this week, so I will pass this along. Note the Enterprise console changes are focused on the console itself. The matching update for the client is coming this week.
We have just released 3.4.1 today with a number of performance tweaks as follows. Please feel free to update using the Help > Update menu option. 3.4.1 – March 14, 2018 Improved JSON parsing performance and error detection Added logging messages to client autoupdate procedure Removed superfluous debugger messages Added logging of path name to PowerShell exe attack vectors Added support for SolarWinds Automation Manager Optimized network buffering performance Added several hundred new ad blocks Added option to Mute Geofencing notifications to client and Enterprise Improved SSL parsing performance Whitelisted system files from PowerShell blocks Optimized PowerShell attack blocking Improved whitelisting on IP addresses Improved SQL queries when using foreign character sets Reduced memory requirements when filtering Improved Ad blocking performance and detection over SSL Added global whitelisting option to Enterprise console
All on this machine now. Edge, FF, Chrome and IE. I was logged in when I upgraded and immediately couldn't access the site after.
No problem after upgrading my two other machines. Edit: Restored the problem machine and upgraded again. No problems this time. Note to self - Make sure browsers are closed before upgraded BFP.
3.4.2 – March 21, 2018 Relaxed SSL validation to allow sites with malformed headers to pass Added Powershell exception for developer console Added Powershell exception for HyperV Added more detailed logging when Whitelisting Updated Ad blocking rules Updated Service Load order dependencies Added over 100 new cryptocurrency mining blocks https://www.blackfog.com/changelog-privacy-win/
I've seen that the website has been updated, it now makes it more clear just what BFP has to offer, so good job. Like you already know I was a bit skeptical at first but currently BFP does look like an interesting security tool.
Darren, FWIW my biggest annoyance with BFP is still the inability to change the 10 minute Install Mode option. https://www.wilderssecurity.com/threads/blackfog-privacy.400343/page-8#post-2738543 https://www.wilderssecurity.com/threads/blackfog-privacy.400343/page-8#post-2738753
Hey Paul, how do you want it to behave? The reason we do it like this is that we find that non power users use it and then forget to turn it back on. Do you need longer? Trying to understand the use case.
3.5.0 – April 19, 2018 Enhanced logging with microsecond resolution Debug mode now available using Ctrl+D to enable and Ctrl+X to disable Ignore initial welcome screen with Enterprise license Added mutex synchronization around some variables Automatically defer browser forensic clean if a session is open Include IP in threat message as well as hostname when available Added mute privacy clean notification option for Enterprise Added mute all threats notification option for Enterprise Changed Enterprise license expiry handling Added blacklisting capability to network options and Enterprise console Correctly Detect closure of Internet Explorer shortcuts for browser clean Added GDPR Data Retention option to Enterprise console https://www.blackfog.com/changelog-privacy-win/
3.5.1 – May 8, 2018 Fixed minor leak when checking for new version Improved multi threading with large packet volume Improved performance of packet sniffing Re-signed application and drivers according to Microsofts new policies Disable PowerShell blocks during install mode Perform automatic upgrades with standard license Updated for build 1803 of Windows 10 Updated install mode to a default of 30 minutes https://www.blackfog.com/changelog-privacy-win/
3.5.2 – May 22, 2018 Fixed SSL blocks when using HTTP/2 Fixed possible DNS overflow with long domain names Added Build number to OS version string for console Added the ability to block Facebook in Network > Blocks Drivers now signed by Microsoft according to new rules since Windows 10 (1607) https://www.blackfog.com/download/ I was requested to uninstall 3.5.1 (by Darren Williams) before installing the new version. I believe Auto-Update has not been enabled as yet.
