blackfog windows release notes
By |Published On: January 7th, 2021|32 min read|Categories: Release Notes|

5.0 – October 22, 2024

  • Features:
    • Realtime GeoIP lookups
    • Added completely Air gapped packet filtering for failsafe blocking
    • Modernized UI with consistent look and feel
    • New baseline activity monitoring
    • New system wide feature switching
    • Added canary release capability to console
  • Performance
    • Added multi-threading to network filtering
    • Perform packet reassembly when parsing large header blocks
    • Added thread safe cache mapping for high performance blocking
    • Added thread controls for systemwide performance increase
    • DNSLookup can be utilized across multiple threads
  • Improvements
    • Prevent Powershell piping attacks
    • Accurately parse SSL messages that are split over more than one TCP packet
    • Improvement parsing of inter application communication messages
    • Updated JSON parsing and type checking
    • Strongly typed epoch timestamp
    • Refactored database access using RAII wrapper
    • Moved UI preprocessing logic to core agent
    • Forced prepared statements for all SQL queries
    • Fixed memory leak in event collection
    • Fixed Invalid DNS queries on some systems
    • Updating settings parsing for structured JSON deserialization
    • Fixed SQL bug preventing some searches to return empty results
    • Moved persist classes to core
    • Refactored enum values to strongly typed C++ enum classes
    • Created data classes to replace overworked tuples
    • Make incompleteSslPayloads concurrency safe
    • Guard against buffer overrun exceptions when casting payload
    • Ensure Baseline Activity Monitoring defaults to OFF if Enterprise
    • Removed support for 32 bit systems

4.9.12 – April 29, 2024

  • Added SSL/TLS packet reassembly when headers are very large
  • Improved serial number detection fallback in rare cases
  • Renamed executable to reflect BlackFog naming
  • Rebuilt installers with new file naming conventions
  • Rebuilt ARM installer for compatibility with Windows 11 ARM 64
  • Ensure default options match UI on initial startup
  • Updated Copyright strings for 2024
  • Ensure forensics tools are not blocked when option is disabled
  • Added Windows 23H2 and 24H2 version detection
  • Updated audio muting from Enterprise console
  • Updated firewall rules for agent communication
  • Enforce TLS 1.2 on Windows 7 SP1, Windows Server 2008 R2 and 2012
  • Updated process monitoring for Windows 7 and 8

4.9.11 – October 31, 2023

  • Fixed compatibility with Windows Hello/Faceid feature
  • Ensure settings reload when deleting from Deny dialog
  • Renamed drivers to reflect BlackFog convention
  • Updated allow listing for common domains
  • Added additional spectre mitigations

4.9.10 – September 7, 2023

  • Added new logic to stop NAPLISTENER on infected devices (T1505)
  • Defined additional SysJoker protections (S0266)
  • Added additional PowerShell protections
  • Added support for CentraStage scripts
  • Updated Windows Server version release data
  • Added Linkedin CDN to whitelisting
  • Added Group based PowerShell Whitelisting

4.9.9 – March 26, 2023

  • Added additional BIOS serial detection
  • Optimized double extension protection
  • Added backup process parent id detection
  • Fixed install mode restriction from console
  • Optimized compiling in several core algorithms

4.9.8 – February 22, 2023

  • Ignore fake BIOS Serial numbers
  • Added ability to lock Allow and Deny lists in UI
  • Updated ransomware detection logic
  • Added several thousand new malware detections
  • Updated copyright for 2023
  • Digitally sign installer DLL’s

4.9.7 – September 28, 2022

  • Updated support for Windows 21H2
  • Updated core feature icons across platforms
  • Updated several URL short codes
  • Simplified settings terminology
  • Synced feature icons across platforms
  • Reduced memory footprint of UI
  • Reduced application size
  • Improved Excel export

4.9.6 – April 14, 2022

  • Updated detection of wow64 processes and paths
  • Signed all DLL’s

4.9.5 – March 28, 2022

  • Made global allow listing to be case insensitive 
  • Allow InTune scripts to execute
  • Added SysJoker service specific detection
  • Optimized memory usage while scanning executables
  • Added Trusted PowerShell parent processes
  • Improved compatibility with HyperV and Windows 11
  • Added support for Hypervisor-protected Code Integrity
  • Updated copyright notices to 2022
  • Updated code signing certificates to 4096 bits
  • Renaming transition to BlackFog in preparation of 5.0
  • Validate installer and updater paths before launching
  • Added several indexes to database to increase performance
  • Improved statistics calculations and storage
  • Hide global whitelisting in Enterprise mode
  • Improved device deletion from Enterprise console
  • Updated dashboard icons in line with new BlackFog design
  • Removed volume control notifications from client

4.9.1 – December 30, 2021

  • Added Workgroup name if domain is empty
  • Added additional layers for Log4j vulnerability
  • Added rate limiting to events
  • Added defaults button in geofencing
  • Apply default geofencing at installation
  • Improved performance and memory utilization

4.9.0 – September 21, 2021

  • Added Windows release 21H1, 21H2
  • Added Windows 11 support
  • Added Windows 10, 11 ARM 64 support
  • Added support for ARM Virtual machines on M1
  • Added process deny listing
  • Updated driver signatures
  • Improved driver memory management
  • Update device name on events
  • Support new Edge 2 browser
  • Decreased memory footprint
  • Decreased package sizes
  • Improved Excel export
  • Detect ARM 64 processors
  • Added svchost validation logic
  • Added domain name collection
  • Added C class allow listing

4.8.2 – April 2, 2021

  • Added compatibility for ucheck patching
  • Added support for new InTune scripts
  • Added new parent process to enterprise events

4.8.1 – March 16, 2021

  • Updated Event descriptors for PowerShell attack variants
  • Updated detection of Dell laptop machines
  • Updated Windows Server editions
  • Update JSON parsing performance
  • Augmented property reporting with processes
  • Allow whitelisting of scripts spawned using illegal parents
  • Updated database insert performance
  • Added Privacy and Browser cleaning events
  • Optimized Event database

4.8.0 – January 7, 2021

  • Optimized network performance for high performance servers
  • Decreased memory utilization 
  • Fixed cleaning when using Firefox in 32 bit mode
  • Improved Excel export performance
  • Improved process detection and reporting

4.7.4 – December 22, 2020

  • Prevent execution of scripts through PowerShell
  • Force TLS 1.2 communication
  • Augmented console events
  • Fix install permissions when using MSI

4.7.3 – November 24, 2020

  • Updated event fields for Enterprise console
  • Allow the addition of processes in allow list
  • Updated default browser settings
  • Rebuilt with new compiler fixes

4.7.2 – November 13, 2020

  • Updated Trial to 14 Days
  • Updated runtime dependencies
  • Added infrastructure for ARM processors

4.7.1 – November 9, 2020

  • Fixed ASLR support on Windows 7

4.7.0 – November 4, 2020

  • Added additional detectors for Trickbot techniques
  • Added monthly licensing option
  • Added support for Brave browser forensic cleaning
  • Added WannaCry worm payload prevention
  • Updated notification alerts duplication checking
  • Updated Mitre codes for several attack vectors
  • Allow VDI group changing from image pool
  • Added strict handle checking to executable
  • Added address space layout randomization (ASLR) to executable
  • Improved trial license expiration algorithm
  • Improved status tray icon updating

4.6.1 – October 23, 2020

  • Updated VDI detection for Enterprise console

4.6.0 – October 22, 2020

  • Augmented events for Enterprise console
  • Added support for VDI images
  • Added event drill-down to dashboard
  • Updated installer with the latest MS support libraries
  • Removed duplicate hostnames from block events
  • Added license deactivation to Enterprise console
  • Added support for MS Intune Scripts
  • Added additional PowerShell protections
  • Optimized PowerShell command line processing
  • Updated Windows detection with 20H2

4.5.3 – September 15, 2020

  • Fixed terminal services RDP connections on Windows Server 2012
  • Added French translation
  • Added additional Mimikatz protection
  • Improved detection of process network connections
  • Added new homograph protections
  • Updated Maze ransomware detections
  • Updated prevention for Netwalker ransomware variants
  • Updated prevention for Sodinokibi ransomware
  • Updated techniques used by Ryuk ransomware

4.5.2 – August 15, 2020

  • Improved Exfiltration performance to within 95% of bandwidth
  • Improved logging performance at high traffic volume
  • Optimized network buffers with larger queue lengths
  • Optimized threading performance
  • Fixed possible pointer corruption with high traffic servers

4.5.1 – July 28, 2020

  • Change Whitelist to Allow List
  • Change Blacklist to Deny List
  • Fixed reporting of process names for enterprise console
  • Resigned drivers for Windows 2004
  • Prevent duplicate allow or deny rule
  • Prevent override of a denied rule
  • Prevent override of a geofence rule

4.5.0 – July 16, 2020

  • More than 200% increase in filtering throughput
  • Added additional double extension prevention mitigations
  • Added mitigations for remote code execution MITRE T1170
  • Added protections for Inhibit System Recovery MITRE T1490
  • Added protection for Squiblydoo attack MITRE T1117
  • Added TikTok blocking protection
  • Added Homograph protection
  • Updated UI to match Enterprise console
  • Updated Windows 10 edition 2004
  • Added associated MITRE codes to Enterprise console events
  • Added msiexec execution mitigations
  • Whitelist SolarWinds console automatically
  • Improved BIOS model detection
  • Added the ability to whitelist processes
  • Added support for new MS Edge browser
  • No longer send privacy clean events to console
  • Fix performance lag on UDP RTP connections
  • Added dynamic protocol detection
  • Updated dashboard icons using material design outlines
  • Renamed cryptomining to cryptojacking
  • Auto detect application protocols
  • Added Dark Web protection to IPv6 networks

4.3.1 – Mar 26, 2020

  • Detect windows Server editions when reporting events
  • Fixed mute on forensic clean with new threat types
  • Added Hide Hostnames feature to Privacy options
  • Updated copyright message for 2020

4.3.0 – Dec 23, 2019

  • Improved execution detection performance
  • Allow Shell script whitelisting in Enterprise console
  • Added process detection with no active users
  • Increased size of events dialog
  • Added excel export option to events
  • Added filtering option to events
  • Improved statistics collection and performance
  • Added amount cleaned to Privacy Event information
  • Increased performance of geofence lookups by 200%

4.2.3 – Dec 16, 2019

  • Added paths for Windows 32 bit editions

4.2.2 – Dec 15, 2019

  • Added BlackFog version to log file
  • Added system process path validation
  • Added some minor exceptions in process hierarchies

4.2.1 – Dec 12, 2019

  • Added several new illegal process checks
  • Removed false positives for java and internet explorer
  • Improved Double extension detection

4.2.0 – Dec 11, 2019

  • Applications now monitored dynamically, no whitelisting required
  • Removed application whitelisting buttons
  • Install mode disables all exfiltration for designated periods
  • Added Execution option to settings to selectively disable execution monitoring
  • Ensure all icons are visible on settings by default

4.1.2 – Dec 9, 2019

  • Added additional layer of protections against sodinokibi ransomware
  • Added blocked gateway icon to events list
  • Improved UDP filtering when using VOIP services
  • Improved performance of PowerShell detection
  • Optimized SSL requests for more efficient queries

4.1.1 – Nov 21, 2019

  • Added proxy aware communication
  • Ensure HTTPS for all transport
  • Auto whitelist SCCM scripts
  • Enforce PowerShell checking options when not logged in

4.1.0 – Nov 7, 2019

  • Fix possible null when reading hardware info
  • Allow license override from Enterprise to Standard
  • Anonymous network stats count towards Dark Web
  • Added versions detection for Windows 10 (1909)
  • Added changing of secure deletion options from Enterprise console
  • Added platform information to event data
  • Added Mute Notification option for Privacy Clean
  • Added Clean Interval options to Privacy Clean
  • Changed Geography to Geofence across platforms
  • Added Ransomware to dashboard which includes Dark Web
  • Added Botnets to blocking architecture and Settings
  • Fixed byte alignment when applying license keys using files

4.0.4 – Oct 17, 2019

  • Whitelisted several system Powershell scripts from MS
  • Added some memory checks around hardware serial numbers
  • Rounded memory size when reporting
  • Optimized database flushing for performance
  • Increased event column size for timestamp

4.0.3 – Oct 3, 2019

  • Optimized memory usage when using secure boot
  • Fixed BS when uninstalling and applying updates with secure boot
  • Passed all Driver Verifier tests on Windows 10

4.0.2 – Sep 27, 2019

  • Fixed BSOD when using Secure Boot mode which pages out memory

4.0.1 – Sep 25, 2019

  • Fixed BSOD on Windows 10 when running with Device Guard enabled
  • Added notification to client when accessing a Fake News site

4.0.0 – Sep 24, 2019

  • Added new user interface to provide easier access to features
  • Added sidebar navigation to access core features
  • Added new install mode options (15, 30 and 60 mins)
  • Added Dashboard, Exfiltration, Settings, Geography, White List, Black List, Forensics, Privacy, Events
  • Added event blocking log in addition to standard events
  • Improved process scanning performance
  • Eliminated duplicate process scanning in terminal services mode
  • Enterprise training mode also works with process monitoring
  • All options and settings are applied immediately
  • All core layer blocking is available in the settings option
  • Combined processes and hosts into traffic option with world map
  • Updated size and style of world map for clarity
  • Updated all tree based icons for high DPI scaling
  • Forensic tile maps to Forensics
  • Privacy Clean tile now mapped to Clean button within Forensics
  • System tile maps to Privacy
  • Added save option to Log file
  • Added refresh option to Log file
  • Fixed geolocation error on malformed data
  • Added many more statistics to new dashboard
  • Improved IPC performance
  • Left side of status bar now shows whether system is active
  • About dialog now includes build number
  • Fixed stack overflow when parsing deeply nested directories
  • Added HDPI icons for better scaling on large monitors
  • Updated Installer dependencies for reliability
  • Removed all dependencies on WMI
  • Updated Ad Blocking. Profiling and malware detection rules

3.7.3 – May 28, 2019

  • Reduced memory usage further when processing high traffic volumes
  • Improved the upload speed by more than 100%

3.7.2 – May 20, 2019

  • Sanity check DNS headers before parsing
  • Check hardware object values before releasing
  • Provide License dialog when trial has less than 30 days remaining
  • Improved stats counters and simplified code
  • Fixed stats persistence for profiling data

3.7.1 – Apr 12, 2019

  • Improved threading and concurrency in high traffic environments
  • Improved tray icon persistence
  • Improved Model name detection and resolution
  • Improved Autoupdate and client restart
  • Added version detection for Windows 10 (1903) edition

3.7.0 – Feb 26, 2019

  • Optimized memory access for 15-20% increased performance
  • Allow device group assignment at installation through group.key file
  • Updated rules logic for more accurate version checking
  • Updated status bar text after privacy clean
  • Fixed some minor memory leaks
  • Enforce SSL when validating license
  • Labelled private ip addresses ranges as “private.address”
  • Streamlined internal address scanning for performance
  • Eliminated possible thread contention when persisting to database
  • Updated codebase to conform to C++17
  • Automatically white list common URL shorteners
  • Access global load balanced servers based on geography
  • Fixed whitelist sequencing to ensure it is applied before geofencing
  • Optimized subnet scanning performance
  • Correctly release memory when finished with icons
  • Changed some log messages to Debug only to cleanup log view

3.6.2 – Feb 5, 2019

  • Fix certain lists internally due to bug in earlier versions of compiler
  • Changed License description for Enterprise in License dialog
  • Respect Enterprise options when running update manually
  • Ensure training mode flag EXCLUDES execution prevention
  • Added the ability to mute Windows Store notifications in console
  • Removed possible buffer overrun when white listing long paths
  • Removed deprecated Google+ and replaced with Linkedin in About
  • Prevent Constrained Language mode of PowerShell Scripts in Windows 10

3.6.1 – Jan 7, 2019

  • Prevented possible overflow when showing a large number of blocks on map
  • Fixed export of IPv6 addresses in Excel export
  • Refactored Excel export for better formatting
  • Updated core libraries and optimized parsing
  • Updated application icon to match other platforms
  • Updated installer dialogs

3.6.0 – Nov 4, 2018

  • Added support for IPv6 blocking
  • Fixed error when restarting scheduled system tasks when cleaning
  • Prevent possible string overflows in GeoIP lookup
  • Ensure use of TLS 1.1 or later when using SSL
  • Fixed possible overflow when mapping coordinates
  • Improved Firefox history cleaning
  • Updated detection in Windows 1809 release
  • Added Turkish translation to application and installer
  • Adhere to Enterprise rules for muting local execution threats
  • Changed Audio muting default to OFF
  • Fixed persistence of taskbar icon on Windows 10
  • Added PID number when generating block notifications
  • Changed No DNS message to Suspicious Address to match network option
  • Added Fake News blocking
  • Added Windows Store blocking
  • Added Training mode to restrictions in Enterprise console

3.5.2 – May 22, 2018

  • Fixed SSL blocks when using HTTP/2
  • Fixed possible DNS overflow with long domain names
  • Added Build number to OS version string for console
  • Added the ability to block Facebook in Network > Blocks
  • Drivers now signed by Microsoft according to new rules since Windows 10 (1607)

3.5.1 – May 8, 2018

  • Fixed minor leak when checking for new version
  • Improved multi threading with large packet volume
  • Improved performance of packet sniffing
  • Re-signed application and drivers according to Microsofts new policies
  • Disable PowerShell blocks during install mode
  • Perform automatic upgrades with standard license
  • Updated for build 1803 of Windows 10
  • Updated install mode to a default of 30 minutes

3.5.0 – April 19, 2018

  • Enhanced logging with microsecond resolution
  • Debug mode now available using Ctrl+D to enable and Ctrl+X to disable
  • Ignore initial welcome screen with Enterprise license
  • Added mutex synchronization around some variables
  • Automatically defer browser forensic clean if a session is open
  • Include IP in threat message as well as hostname when available
  • Added mute privacy clean notification option for Enterprise
  • Added mute all threats notification option for Enterprise
  • Changed Enterprise license expiry handling
  • Added blacklisting capability to network options and Enterprise console
  • Correctly Detect closure of Internet Explorer shortcuts for browser clean
  • Added GDPR Data Retention option to Enterprise console

3.4.2 – March 21, 2018

  • Relaxed SSL validation to allow sites with malformed headers to pass
  • Added Powershell exception for developer console
  • Added Powershell exception for HyperV
  • Added more detailed logging when Whitelisting
  • Updated Ad blocking rules
  • Updated Service Load order dependencies
  • Added over 100 new cryptocurrency mining blocks

3.4.1 – March 14, 2018

  • Improved JSON parsing performance and error detection
  • Added logging messages to client autoupdate procedure
  • Removed superfluous debugger messages
  • Added logging of path name to PowerShell exe attack vectors
  • Added support for SolarWinds Automation Manager
  • Optimized network buffering performance
  • Added several hundred new ad blocks
  • Added option to Mute Geofencing notifications to client and Enterprise
  • Improved SSL parsing performance
  • Whitelisted system files from PowerShell blocks
  • Optimized PowerShell attack blocking
  • Improved whitelisting on IP addresses
  • Improved SQL queries when using foreign character sets
  • Reduced memory requirements when filtering
  • Improved Ad blocking performance and detection over SSL
  • Added global whitelisting option to Enterprise console

3.4.0 – February 19, 2018

  • Added Powershell Fileless protection to Network options
    1. Privilege escalation
    2. Obfuscation
    3. Encoded commands
    4. Remote download
    5. Remote execution
    6. Mimikatz/Powersploit toolkits
    7. Compiled PowerShell
    8. PowerShell DLL injection
  • Improved SQL performance on multiple inserts
  • Improved handling of foreign language character sets
  • Fixed possible buffer overflow in notifications
  • Improved refresh rates on client when changing geofence on Enterprise console

3.3.3 – February 12, 2018

  • Added Mute Notification on Clean to Forensics options
  • Added Standard Deletion option for cleaning instead of DoD
  • Optimized DNS header traversal to avoid mismatches with incomplete data
  • Improved statistics count for ads when using different ports

3.3.2 – February 7, 2018

  • Improved icon sizing on High DPI screens
  • Auto upgrade for Enterprise now restarts client as needed
  • Updated translations
  • Updated Gzip libraries
  • Updated Cryptocurrency mining rules
  • Updated Advertising rules
  • Added Cryptocurrency mining to Network options
  • Added Malware to Network options
  • Changed Firefox “Site preferences” default to off to preserve bookmarks
  • Removed Powershell config script from installer and used native installer API

3.3.1 – January 31, 2018

  • Added some pointer checks on tree lists when there is no Internet connection
  • Miscellaneous memory cleanup tasks on client application
  • Changed Network block selections to icon based options
  • Added the ability to toggle Application Gateway feature
  • Added the ability to whitelist using wildcards
  • Added several new forensic option categories
  • Updated dependency maps for several forensic removals

3.3.0 – January 24, 2018

  • Added automatic update of client for Enterprise licenses
  • Added collapsible geography groups on windows 10
  • Allow DDS passthrough if forensic option is unchecked
  • Added Application Layer Gateway (ALG) for HTTP
  • Added various data validation segments throughout
  • Removed several dependencies reducing overall application size
  • Rewrote charting code for modern look and feel
  • Added threat chart below geofencing
  • Increased performance of networking stack
  • Fixed possible overflow when calculating bytes transferred

3.2.2 – January 4, 2018

  • Reduced memory footprint of network scanner
  • Improved performance of behavioral profiling by 20-30%
  • Improved geolocation scanning
  • Fixed minor memory leak when getting process information
  • Updating user profiling blocks with several new data aggregators
  • Updated copyright information for 2018

3.2.1 – December 18, 2017

  • Stopped Enterprise console reporting of Browser Clean
  • Added more detailed logging for HTTP transfers

3.2.0 – December 7, 2017

  • Optimized memory usage throughout
  • Added Network>>Whitelist Managed column to identify globally managed domains
  • Added Protect menu option to access settings and Install mode
  • Added descriptive text to blocked executables to remind users they can whitelist
  • Added Expand and Collapse options to Forensics options
  • Added Expand and Collapse options to System options
  • Added Expand and Collapse options to Geography options
  • Added user based whitelisting on multi user machines to ensure all accounts are protected
  • Added local state storage for collapse state to all sections
  • Improved device id detection for virtual machines
  • Added Global process whitelisting for Enterprise users
  • Improved packet detection performance
  • Improved HTTP performance

3.1.2 – November 14, 2017

  • Various performance optimizations
  • Support for DDE Auto blocking
  • Updated Forensic icons and categories to match Enterprise console
  • Updated Ad blocking

3.1.1 – November 7, 2017

  • Added automatic Bug Reporting to application

3.1.0 – October 11, 2017

  • Added Enterprise capabilities and cloud console (licensed separately)
  • Consolidate threats across all devices
  • Report all threats, geofence restrictions, spyware and suspicious activity
  • Graphical dashboard
  • Control all settings remotely
  • Lock aspects of the UI remotely
  • Trending analysis
  • Device inventory
  • Device Grouping
  • Multi-user administration and control
  • 500% improvement in cleaning performance
  • Support for files greater than 4GB
  • Improved memory usage across the board
  • Improved performance and decreased CPU activity across the board
  • Improved installer for older systems
  • Fixed edge cases for calculating next run times
  • Fixed processed time display when no previous run was found

3.0.1 – August 10, 2017

  • Added new whitelist rules
  • Updated various translations added for Dutch and Danish
  • Added enterprise notification options for browser cleaning
  • Fixed data insertion error when using restricted character codes
  • Fixed character encoding when using extended character codes

3.0.0 – June 28, 2017

  • Completely rebuilt as a Service so it can be used without elevated privileges
  • Added mapping of Geographic blocks on world map
  • Added Ukraine to default countries to block
  • Added Browser auto clean option so that browser is cleaned after each exit
  • Added new Enterprise options for configuration purposes
  • Added customization option for Geographic blocks in Network options
  • Added support for Windows 10 Creators Update
  • Added Disable feature to allow installation of new applications
  • Terminal / Remote Services now supported
  • Can also operate seamlessly without a UI if desired
  • Policies are now dynamically applied like all other rulesets
  • Improved performance across the entire stack for less than 1% CPU
  • Installs for all users of the machine and is licensed accordingly
  • Updated Event Viewer window to show more detail
  • Whitelisting capability for applications running in forbidden locations
  • Added encryption layer to all rulesets for added security
  • Ensure event text is truncated for long entries in main tile
  • Renamed ok button in license registration dialog to cancel
  • Fixed microphone volume detection notifications that could notify with setting off
  • Make events user specific when using terminal/ remote services
  • Clicking on message balloon event will bring up the event viewer
  • Wrap License key when entering into registration dialog
  • Added WhiteList Snapshot button to Network > Blocked
  • Improved Icon scaling in Network dialog when running on high DPI settings
  • Updated and added new Menu icons for high DPI systems
  • Automatically re-enable policies after 10 minutes inactivation for installs
  • Changed date format to more universal 24 hour format
  • Refactored host and process dialogs for larger screens

2.7.3 – April 6, 2017

  • Added policy exclusion when running executables directly from Internet Explorer
  • Resolved policy cleanup when upgrading from older versions

2.7.2 – April 4, 2017

  • Improved rules for preventing file execution inside protected folders with deep nesting
  • Blocked more anonymous network routing using TOR proxies
  • Updated Advertising networks for bitcoin ads
  • Improved network scanning performance approximately 50%
  • Improved blocking when using HTTPS
  • Added Spotify to Whitelisting rules until they fix the installation
  • Remove non printing characters in License key

2.7.1 – March 20, 2017

  • Fixed issue which would stop updater running in some circumstances

2.7.0 – March 7, 2017

  • Added blocks for anonymous networks
  • Added blocks for geographic regions
  • Added execution blocks in temporary locations
  • Added execution blocks to over 100 double extensions such as txt.exe
  • Added execution blocks to non standard locations
  • Changed default color on map to black
  • Improved application cleanup and memory management
  • Prevent multiple notifications from the same threat vector
  • Ensure automatic updates to the application
  • Provide MSI installer option to Enterprises

2.6.4 – February 1, 2017

  • Fixed system tray icon from disappearing in some systems
  • Improved filtering performance
  • Removed false positives when detecting DNS threats

2.6.3 – January 31, 2017

  • Added enterprise licensing model
  • Added more detail to threat messages such as the originating process and port
  • Added acknowledgements menu item for third party libraries and licensing

2.6.2 – January 23, 2017

  • Added new license format decoding

2.6.1 – January 17, 2017

  • Fixed an obscure bug when parsing SSL
  • Removed debug messages from console

2.6.0 – January 13, 2017

  • Improved logging performance on busy devices
  • Improved interface on high DPI screens
  • Added new icons to System settings
  • Changed requests to use SSL by default
  • Improved database performance and concurrency
  • Updated System Tray Icon with multiple states
  • Implemented System Service for core tasks
  • Fixed icon displayed in Windows 10 when viewing background tasks in process viewer
  • Updated translations

2.5.3 – January 2, 2017

  • Added debug symbols for bug reporting purposes
  • User interface now adapts to high DPI screens with larger icons
  • Updated rules based on Russian hack information from US government

2.5.2 – December 20, 2016

  • Updated Licensing dialog to cope with more licensing scenarios
  • Updated Dutch translations
  • Added detailed error reporting and new crash reporter

2.5.1 – November 14, 2016

  • Fixed dashboard redraw after sleep/wake cycle on some Windows 7 laptops
  • Fixed error when exporting network data to Excel with no domain/country information

2.5 – October 18, 2016

  • Major interface update highlighting threats and easy access to cleaning and other stats
  • Added visual traffic map to main interface to highlight traffic destination
  • Updated System Tray Icon for Windows 7 and 8.1 to align with system style icons
  • Identified more System processes during network profiling
  • Force rule update when selecting update from menus
  • Updated rules for Edge browser when navigating to infected sites
  • Improved the performance, parsing and error handling of json files
  • On Windows 8 and above we offer the option to turn off “Smart Multi-Homed Name Resolution” which significantly improves the security of your machine
  • Updated thumbnail cache removal on Windows 10
  • Updated various settings for Windows 10 Centennial edition
  • Updated Firefox password deletion for newest versions
  • Fixed crash when parsing certain foreign language configuration files
  • Optimized network profiling with malformed network packets
  • Improved network blocking performance and reduced CPU usage even further
  • Improved notification mechanism when dealing with threats
  • Added rules for emptying recycle bin and downloads directory
  • Added System settings for the Microsoft Edge browser to keep your data private
  • Improved cache flushing when changing network settings
  • Improved periodic gelocation flushing algorithm
  • Added Default option to system privacy settings
  • Optimized all tiles with Direct2D for rendering and performance
  • Enabled the removal of Microsoft Edge History and Caching at the OS level

2.0.3 – September 12, 2016

  • After applying a license key the application no longer requires a restart

2.0.2 – September 8, 2016

  • Changed application icon to align with MacOS version
  • Improved screen redraw on Windows 10 based devices

2.0.1 – August 24, 2016

  • Added new “defaults” option to Forensics dialog
  • Allow reset of all statistics using Ctrl-R
  • Renamed blocking of “Computrace/DDS and LoJack” to “Forensic Tools” to block a wider range of tools
  • Improved memory management
  • Updated all rulesets to detect over 25m threats

2.0.0 – July 18, 2016

  • Added over 24 million blocks for Ransomware and Spyware
  • Added Block Page message to browser when trying to access blocked URL’s directly
  • Added specific option for forensic tools instead of being grouped under spyware
  • Added new License menu option to make changing licenses easier
  • Added ability to turn off the reminder when executing a second instance
  • Added many new rules for Windows 10 and recent OS updates
  • Added forensic rules for over 30 new applications
  • Added deletion of Temporary Internet Files
  • Added historical charts for Profiling and Advertising
  • Added markers to gauges displaying recommended levels
  • Added remote desktop disable option to system settings
  • Clicking on Threats dashboard entry now opens threat event window
  • Change default value for microphone volume checking to off
  • Check for updates before performing initial install
  • Prevent updater from running if it is already executing in the scheduler
  • Translated Welcome message into native language equivalents
  • Improved process detection for edge cases
  • Ensure windows services are validated before being shutdown
  • Ensure spyware deactivation does not notify on subsequent scans
  • Validate license server before checking license
  • Moved Events into the View menu
  • Changed Diagnostics to Log and moved into the View menu

1.3.1 – June 1, 2016

  • Ensure non routable addresses are not flagged internally
  • Added decimal place to dashboard statistics for larger values
  • Fixed null error when discovering process paths
  • Improved threat detection performance by approximately 20%

1.3.0 – May 27, 2016

  • Added counters to the main dashboard to show the number of blocks over a 24 hr period
  • Added Danish Translation
  • Added Dutch Translation
  • Validate network connection before attempting product update
  • Updated frequency of Tile redraws
  • Changed Traffic Tile highlight color so hover is more obvious
  • Removed Internet connection check on installer which did not work correctly with multiple NIC cards enabled
  • Create Firewall exception on systems that block all outbound connections
  • Ensure that unchecking spyware switches off spyware detection

1.2.0 – May 3, 2016

  • Added Excel export of weekly traffic report for Network auditing and data breach purposes. Supports xlsx and xls formats
  • Added Excel export of weekly summary report for Network auditing and data breach purposes. Supports xlsx and xls formats
  • Added behavioral analysis for detecting ransomware connections when communicating with Command and Control servers
  • Added notifications when attempting to connect to suspicious domains
  • Added ability to lookup domains in VirusTotal for further information from context menu
  • Changed manual blocking to rules based blocking so application is preconfigured on startup
  • Fixed loading of older traffic tile calculations if application was restarted
  • Improved database persistence performance for network auditing
  • Tweaked Navigation labels to be more consistant with documentation
  • Changed gauge colors to a different palette
  • Improved domain name detection for SSL connections
  • Removed text welcome screen and replaced with a graphic
  • Added infrastructure for multiple languages for future releases

1.1.0 – April 6, 2016

  • Automatically open main window if user tries to run a second copy of the application
  • Ensure window opens and positions correctly on multiple monitors
  • Resize traffic window and buttons correctly when DPI is greater than 100%
  • Added Twitter, Facebook and Google links to main dashboard

1.0.6 – March 11, 2016

  • Ensure time stamps are updated when loading new rules
  • Added View menu option for displaying traffic detail in addition to the tiles
  • Improved memory management when dealing with large traffic volume
  • Added streamlining of preprocessed packets to increase performance

1.0.5 – February 29, 2016

  • Added Quick Start to Help Menu
  • Fixed display of blocked endpoints in the network dialog
  • Ensure Windows 7 based installs have been correctly patched with SHA256 support (KB3033929)
  • Added Log Rolling capability for diagnostics

1.0.4 – February 19, 2016

  • Updated Signing certificates to SHA256 to prevent problems on Windows 7
  • Various Performance and memory improvements
  • Added foundation work for traffic triggering in next major release

1.0.3 – February 15, 2016

  • Various performance improvements
  • Updated System Privacy metric calculations

1.0.2 – February 8, 2016

  • Initial Public Release
  • Real-time removal of online advertising, data collection and profiling
  • Spyware detection and blocking
  • Forensic data removal
  • System privacy lockdown
  • Microphone notifications
  • Application and endpoint blocking

Share This Story, Choose Your Platform!

Related Posts

  • BlackFog V5

BlackFog unveils AI based anti data exfiltration (ADX) platform for ransomware and data loss prevention

November 12th, 2024|

BlackFog unveils the latest version of its AI based anti data exfiltration (ADX) platform for even more powerful ransomware and data loss prevention. Version 5 introduces new features including air gap protection, real-time geofencing, and baseline activity monitoring to ensure the highest level of cybersecurity protection.

Data Exfiltration Detection: Best Practices and Tools

November 1st, 2024|

Data exfiltration, a tactic used in 93% of ransomware attacks, can lead to severe consequences including financial losses, reputational damage, and loss of customer trust. To mitigate these risks, organizations must implement effective detection strategies and technologies.