BlackFog 4.2 offers a new feature called “execution prevention” within the settings. This option provides a new technique for preventing malware execution.
Typically, organizations and previous editions of BlackFog utilized a whitelisting approach, whereby execution of rogue malware was prevented by blocking execution in specific directories such as temporary folders or application data directories. Whilst very effective at preventing malware, the downside was that many legitimate applications often used these locations as well. Even though this is against guidelines, companies such as Google and Microsoft’s own applications sometimes used this method, meaning that when you installed a new application that used these directories you had to whitelist the files. Users found this to be invasive so we decided to develop a new approach.
We have eliminated whitelisting in favor of process monitoring and application validation. This is a behavioral technique for detecting malicious activity. The principle behind this technique is that malware often masquerades as other applications, spawns from system processes and executes in certain ways. In these scenarios we introspect all of the processes to see if they are being hijacked, replicated or simply spoofed. As with the data exfiltration rules, this is done in real-time.
Ultimately this will lead to less false positives and ensure more accurate protection than whitelisting can ever provide. In addition, this will protect execution across the entire device rather than specific directories.
Related Posts
Fast Flux Attacks Explained and How to Prevent Data Exfiltration
Find out how "fast fluxing," a technique used by cybercriminals and rogue nations to hide their online actions, poses a risk to national security and how BlackFog's technology stops sensitive data from being stolen.
Black Basta Ransomware: Protection, Prevention, and Recovery Guide
Learn how to stay safe from Black Basta ransomware group with advice on how to spot, prevent, and recover from attacks. Understand how these attacks work, explore real-life examples, and discover strategies to protect against ransomware.
Ascension Ransomware Attack: Impact and Prevention Tips
Learn how the Ascension ransomware attack disrupted healthcare services, the financial consequences, and the cybersecurity lessons it taught. Also receive advice on protecting patient data and preventing similar attacks in the future.
Essential Data Loss Prevention Best Practices Every Firm Should Know
Following these seven data loss prevention best practices can help any firm reduce the risk of falling victim to threats like ransomware.
BlackFog Report Reveals Record Number of Ransomware Attacks from January to March
BlackFog reports a record-breaking surge in ransomware attacks Q1 2025, with 278 disclosed cases and a 113% rise in undisclosed incidents.
AI for Network Security and Monitoring: Enhancing Cyber Defense
What opportunities do AI ransomware protection tools offer to cybersecurity pros?