BlackFog 4.2 offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Typically, organizations and previous editions of BlackFog utilized a whitelisting approach, whereby rogue malware was stopped by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications often used these locations as well. Even though this is against guidelines, applications from companies such as Google, and even Microsoft's own applications, sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist the files. Users found this to be invasive, so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind this technique is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see if they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real time.
Ultimately this will lead to fewer false positives and ensure more accurate protection than whitelisting can ever provide. In addition, this will protect execution across the entire device rather than specific directories.
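The validation principle described above (a process that carries a trusted name but runs from an unexpected path or under an unexpected parent) can be sketched as a small check over a process table. This is an added example, not BlackFog's implementation; the `BASELINE` table, the `validate` function and the sample process list are assumptions constructed for illustration.

```python
import ntpath

# Assumed baseline: expected image directory and parent for a few Windows
# system binaries. Illustrative only; not a complete or vendor-supplied list.
BASELINE = {
    "svchost.exe":  {"dir": r"c:\windows\system32", "parent": "services.exe"},
    "lsass.exe":    {"dir": r"c:\windows\system32", "parent": "wininit.exe"},
    "services.exe": {"dir": r"c:\windows\system32", "parent": "wininit.exe"},
}

def validate(events):
    """Return (pid, reason) findings for processes that imitate system binaries."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        name = ntpath.basename(e["image"]).lower()
        rule = BASELINE.get(name)
        if rule is None:
            continue  # name not covered by this baseline
        # Check 1: trusted name running from somewhere other than its home directory.
        if ntpath.dirname(e["image"]).lower() != rule["dir"]:
            findings.append((e["pid"], "masquerade: system name, wrong path"))
        # Check 2: trusted name started by a parent it never normally has.
        parent = by_pid.get(e["ppid"])
        parent_name = ntpath.basename(parent["image"]).lower() if parent else None
        if parent_name != rule["parent"]:
            findings.append((e["pid"], f"unexpected parent: {parent_name}"))
    return findings

# Constructed sample process table (not real telemetry).
SAMPLE = [
    {"pid": 500, "ppid": 4, "image": r"C:\Windows\System32\wininit.exe"},
    {"pid": 620, "ppid": 500, "image": r"C:\Windows\System32\services.exe"},
    {"pid": 900, "ppid": 620, "image": r"C:\Windows\System32\svchost.exe"},
    {"pid": 2000, "ppid": 620, "image": r"C:\Program Files\App\app.exe"},
    {"pid": 3100, "ppid": 2000, "image": r"C:\Users\a\AppData\Local\Temp\svchost.exe"},
    {"pid": 3200, "ppid": 2000, "image": r"C:\Windows\System32\lsass.exe"},
]

if __name__ == "__main__":
    for pid, reason in validate(SAMPLE):
        print(pid, reason)
```

Note that the legitimate `app.exe` is never flagged regardless of where it is installed, while the copy of `svchost.exe` in a temporary folder is caught by both checks and the correctly located `lsass.exe` is caught by its parent alone, which a directory rule would miss.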