![]() ![]() Previously, the offending action was only blocked. Improved WipeGuard to terminate the offending process.Previously, only the boot partition was protected. Improved WipeGuard to protection the Volume Boot Record of all mounted partitions.Improved CookieGuard so it now adds certificate validation information into the alert details.Improved CookieGuard alert with information about the application certificate, if any, in the alert.Improved handling of certificates on code-signed applications.Improved protection against direct system calls, or SysCall, on 32-bit applications.Added EA Digital Illusions CE AB to game detection. ![]() Added alerting to our protection of sticky key abuse (and other accessibility features).Added MITRE ATT&CK references to the CookieGuard, SysCall and RemoteThreadGuard mitigations.Added GPT partition support to WipeGuard.Added support for ReFS file system to CryptoGuard.Added protection against cloning of LSASS process to Credential Theft Protection.Added system-wide protection against 'Hell's Gate' defense evasion via direct system calls, or SysCall, on 64-bit applications.Fixed Keystroke Encryption and BadUSB Protection which caused a BSOD (APC_INDEX_MISMATCH) on Windows 11 with update KB5013943. ![]() * Beware this build is signed with a new code-signing certificate by Sophos LTD, this might take some 3rd party vendors to have "trust" issues as it's a rather fresh certificate. Removed ReflectiveDLL As it has become obsolete in it's current implementation.Improved Lockdown Now allows WMIC GET 'only' commands without interference.compatibility with ESET protected browsers, Windows search Improved HeapHeapProtect prevents Powershell scripts from patching AMSI for bypass. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |