- Added MITRE ATT&CK references to the CookieGuard, SysCall and RemoteThreadGuard mitigations.
- Added GPT partition support to WipeGuard.
- Added support for ReFS file system to CryptoGuard.
- Added protection against cloning of the LSASS process to Credential Theft Protection.
- Added system-wide protection against 'Hell's Gate' defense evasion via direct system calls, or SysCall, on 64-bit applications.
- Fixed Keystroke Encryption and BadUSB Protection, which caused a BSOD (APC_INDEX_MISMATCH) on Windows 11 with update KB5013943.

\* Beware: this build is signed with a new code-signing certificate by Sophos LTD. This might cause some 3rd-party vendors to have "trust" issues, as it's a rather fresh certificate.

- Removed ReflectiveDLL, as it has become obsolete in its current implementation.
- Improved Lockdown: now allows WMIC GET 'only' commands without interference.
- compatibility with ESET protected browsers, Windows search
- Improved HeapHeapProtect: prevents PowerShell scripts from patching AMSI for bypass.
- Improved HeapHeapProtect Cobalt Strike detection.
- Improved DrWeb Compatibility CallerCheck/SysCall.
- Fixed Lockdown Bypass when loading files over UNC paths.
- Fixed KernelTrap compatibility issues with Kaspersky and GenshinImpact.
- Fixed Driver BSOD under specific circumstances.
- Added RDPGuard Icon under Risk Reduction button.
- Added New Process Protection panel for Risk Reduction.

- Added HWBGuard (Silent). A technique heavily used by red teams to bypass SysCall protections is to set a hardware breakpoint; we now detect these breakpoints.