4.3.1 – Mar 26, 2020

  • Detect windows Server editions when reporting events
  • Fixed mute on forensic clean with new threat types
  • Added Hide Hostnames feature to Privacy options
  • Updated copyright message for 2020

4.3.0 – Dec 23, 2019

  • Improved execution detection performance
  • Allow Shell script whitelisting in Enterprise console
  • Added process detection with no active users
  • Increased size of events dialog
  • Added excel export option to events
  • Added filtering option to events
  • Improved statistics collection and performance
  • Added amount cleaned to Privacy Event information
  • Increased performance of geofence lookups by 200%

4.2.3 – Dec 16, 2019

  • Added paths for Windows 32 bit editions

4.2.2 – Dec 15, 2019

  • Added BlackFog version to log file
  • Added system process path validation
  • Added some minor exceptions in process hierarchies

4.2.1 – Dec 12, 2019

  • Added several new illegal process checks
  • Removed false positives for java and internet explorer
  • Improved Double extension detection

4.2.0 – Dec 11, 2019

  • Applications now monitored dynamically, no whitelisting required
  • Removed application whitelisting buttons
  • Install mode disables all exfiltration for designated periods
  • Added Execution option to settings to selectively disable execution monitoring
  • Ensure all icons are visible on settings by default

4.1.2 – Dec 9, 2019

  • Added additional layer of protections against sodinokibi ransomware
  • Added blocked gateway icon to events list
  • Improved UDP filtering when using VOIP services
  • Improved performance of PowerShell detection
  • Optimized SSL requests for more efficient queries

4.1.1 – Nov 21, 2019

  • Added proxy aware communication
  • Ensure HTTPS for all transport
  • Auto whitelist SCCM scripts
  • Enforce PowerShell checking options when not logged in

4.1.0 – Nov 7, 2019

  • Fix possible null when reading hardware info
  • Allow license override from Enterprise to Standard
  • Anonymous network stats count towards Dark Web
  • Added versions detection for Windows 10 (1909)
  • Added changing of secure deletion options from Enterprise console
  • Added platform information to event data
  • Added Mute Notification option for Privacy Clean
  • Added Clean Interval options to Privacy Clean
  • Changed Geography to Geofence across platforms
  • Added Ransomware to dashboard which includes Dark Web
  • Added Botnets to blocking architecture and Settings
  • Fixed byte alignment when applying license keys using files

4.0.4 – Oct 17, 2019

  • Whitelisted several system Powershell scripts from MS
  • Added some memory checks around hardware serial numbers
  • Rounded memory size when reporting
  • Optimized database flushing for performance
  • Increased event column size for timestamp

4.0.3 – Oct 3, 2019

  • Optimized memory usage when using secure boot
  • Fixed BS when uninstalling and applying updates with secure boot
  • Passed all Driver Verifier tests on Windows 10

4.0.2 – Sep 27, 2019

  • Fixed BSOD when using Secure Boot mode which pages out memory

4.0.1 – Sep 25, 2019

  • Fixed BSOD on Windows 10 when running with Device Guard enabled
  • Added notification to client when accessing a Fake News site

4.0.0 – Sep 24, 2019

  • Added new user interface to provide easier access to features
  • Added sidebar navigation to access core features
  • Added new install mode options (15, 30 and 60 mins)
  • Added Dashboard, Exfiltration, Settings, Geography, White List, Black List, Forensics, Privacy, Events
  • Added event blocking log in addition to standard events
  • Improved process scanning performance
  • Eliminated duplicate process scanning in terminal services mode
  • Enterprise training mode also works with process monitoring
  • All options and settings are applied immediately
  • All core layer blocking is available in the settings option
  • Combined processes and hosts into traffic option with world map
  • Updated size and style of world map for clarity
  • Updated all tree based icons for high DPI scaling
  • Forensic tile maps to Forensics
  • Privacy Clean tile now mapped to Clean button within Forensics
  • System tile maps to Privacy
  • Added save option to Log file
  • Added refresh option to Log file
  • Fixed geolocation error on malformed data
  • Added many more statistics to new dashboard
  • Improved IPC performance
  • Left side of status bar now shows whether system is active
  • About dialog now includes build number
  • Fixed stack overflow when parsing deeply nested directories
  • Added HDPI icons for better scaling on large monitors
  • Updated Installer dependencies for reliability
  • Removed all dependencies on WMI
  • Updated Ad Blocking. Profiling and malware detection rules

3.7.3 – May 28, 2019

  • Reduced memory usage further when processing high traffic volumes
  • Improved the upload speed by more than 100%

3.7.2 – May 20, 2019

  • Sanity check DNS headers before parsing
  • Check hardware object values before releasing
  • Provide License dialog when trial has less than 30 days remaining
  • Improved stats counters and simplified code
  • Fixed stats persistence for profiling data

3.7.1 – Apr 12, 2019

  • Improved threading and concurrency in high traffic environments
  • Improved tray icon persistence
  • Improved Model name detection and resolution
  • Improved Autoupdate and client restart
  • Added version detection for Windows 10 (1903) edition

3.7.0 – Feb 26, 2019

  • Optimized memory access for 15-20% increased performance
  • Allow device group assignment at installation through group.key file
  • Updated rules logic for more accurate version checking
  • Updated status bar text after privacy clean
  • Fixed some minor memory leaks
  • Enforce SSL when validating license
  • Labelled private ip addresses ranges as “private.address”
  • Streamlined internal address scanning for performance
  • Eliminated possible thread contention when persisting to database
  • Updated codebase to conform to C++17
  • Automatically white list common URL shorteners
  • Access global load balanced servers based on geography
  • Fixed whitelist sequencing to ensure it is applied before geofencing
  • Optimized subnet scanning performance
  • Correctly release memory when finished with icons
  • Changed some log messages to Debug only to cleanup log view

3.6.2 – Feb 5, 2019

  • Fix certain lists internally due to bug in earlier versions of compiler
  • Changed License description for Enterprise in License dialog
  • Respect Enterprise options when running update manually
  • Ensure training mode flag EXCLUDES execution prevention
  • Added the ability to mute Windows Store notifications in console
  • Removed possible buffer overrun when white listing long paths
  • Removed deprecated Google+ and replaced with Linkedin in About
  • Prevent Constrained Language mode of PowerShell Scripts in Windows 10

3.6.1 – Jan 7, 2019

  • Prevented possible overflow when showing a large number of blocks on map
  • Fixed export of IPv6 addresses in Excel export
  • Refactored Excel export for better formatting
  • Updated core libraries and optimized parsing
  • Updated application icon to match other platforms
  • Updated installer dialogs

3.6.0 – Nov 4, 2018

  • Added support for IPv6 blocking
  • Fixed error when restarting scheduled system tasks when cleaning
  • Prevent possible string overflows in GeoIP lookup
  • Ensure use of TLS 1.1 or later when using SSL
  • Fixed possible overflow when mapping coordinates
  • Improved Firefox history cleaning
  • Updated detection in Windows 1809 release
  • Added Turkish translation to application and installer
  • Adhere to Enterprise rules for muting local execution threats
  • Changed Audio muting default to OFF
  • Fixed persistence of taskbar icon on Windows 10
  • Added PID number when generating block notifications
  • Changed No DNS message to Suspicious Address to match network option
  • Added Fake News blocking
  • Added Windows Store blocking
  • Added Training mode to restrictions in Enterprise console

3.5.2 – May 22, 2018

  • Fixed SSL blocks when using HTTP/2
  • Fixed possible DNS overflow with long domain names
  • Added Build number to OS version string for console
  • Added the ability to block Facebook in Network > Blocks
  • Drivers now signed by Microsoft according to new rules since Windows 10 (1607)

3.5.1 – May 8, 2018

  • Fixed minor leak when checking for new version
  • Improved multi threading with large packet volume
  • Improved performance of packet sniffing
  • Re-signed application and drivers according to Microsofts new policies
  • Disable PowerShell blocks during install mode
  • Perform automatic upgrades with standard license
  • Updated for build 1803 of Windows 10
  • Updated install mode to a default of 30 minutes

3.5.0 – April 19, 2018

  • Enhanced logging with microsecond resolution
  • Debug mode now available using Ctrl+D to enable and Ctrl+X to disable
  • Ignore initial welcome screen with Enterprise license
  • Added mutex synchronization around some variables
  • Automatically defer browser forensic clean if a session is open
  • Include IP in threat message as well as hostname when available
  • Added mute privacy clean notification option for Enterprise
  • Added mute all threats notification option for Enterprise
  • Changed Enterprise license expiry handling
  • Added blacklisting capability to network options and Enterprise console
  • Correctly Detect closure of Internet Explorer shortcuts for browser clean
  • Added GDPR Data Retention option to Enterprise console

3.4.2 – March 21, 2018

  • Relaxed SSL validation to allow sites with malformed headers to pass
  • Added Powershell exception for developer console
  • Added Powershell exception for HyperV
  • Added more detailed logging when Whitelisting
  • Updated Ad blocking rules
  • Updated Service Load order dependencies
  • Added over 100 new cryptocurrency mining blocks

3.4.1 – March 14, 2018

  • Improved JSON parsing performance and error detection
  • Added logging messages to client autoupdate procedure
  • Removed superfluous debugger messages
  • Added logging of path name to PowerShell exe attack vectors
  • Added support for SolarWinds Automation Manager
  • Optimized network buffering performance
  • Added several hundred new ad blocks
  • Added option to Mute Geofencing notifications to client and Enterprise
  • Improved SSL parsing performance
  • Whitelisted system files from PowerShell blocks
  • Optimized PowerShell attack blocking
  • Improved whitelisting on IP addresses
  • Improved SQL queries when using foreign character sets
  • Reduced memory requirements when filtering
  • Improved Ad blocking performance and detection over SSL
  • Added global whitelisting option to Enterprise console

3.4.0 – February 19, 2018

  • Added Powershell Fileless protection to Network options
    1. Privilege escalation
    2. Obfuscation
    3. Encoded commands
    4. Remote download
    5. Remote execution
    6. Mimikatz/Powersploit toolkits
    7. Compiled PowerShell
    8. PowerShell DLL injection
  • Improved SQL performance on multiple inserts
  • Improved handling of foreign language character sets
  • Fixed possible buffer overflow in notifications
  • Improved refresh rates on client when changing geofence on Enterprise console

3.3.3 – February 12, 2018

  • Added Mute Notification on Clean to Forensics options
  • Added Standard Deletion option for cleaning instead of DoD
  • Optimized DNS header traversal to avoid mismatches with incomplete data
  • Improved statistics count for ads when using different ports

3.3.2 – February 7, 2018

  • Improved icon sizing on High DPI screens
  • Auto upgrade for Enterprise now restarts client as needed
  • Updated translations
  • Updated Gzip libraries
  • Updated Cryptocurrency mining rules
  • Updated Advertising rules
  • Added Cryptocurrency mining to Network options
  • Added Malware to Network options
  • Changed Firefox “Site preferences” default to off to preserve bookmarks
  • Removed Powershell config script from installer and used native installer API

3.3.1 – January 31, 2018

  • Added some pointer checks on tree lists when there is no Internet connection
  • Miscellaneous memory cleanup tasks on client application
  • Changed Network block selections to icon based options
  • Added the ability to toggle Application Gateway feature
  • Added the ability to whitelist using wildcards
  • Added several new forensic option categories
  • Updated dependency maps for several forensic removals

3.3.0 – January 24, 2018

  • Added automatic update of client for Enterprise licenses
  • Added collapsible geography groups on windows 10
  • Allow DDS passthrough if forensic option is unchecked
  • Added Application Layer Gateway (ALG) for HTTP
  • Added various data validation segments throughout
  • Removed several dependencies reducing overall application size
  • Rewrote charting code for modern look and feel
  • Added threat chart below geofencing
  • Increased performance of networking stack
  • Fixed possible overflow when calculating bytes transferred

3.2.2 – January 4, 2018

  • Reduced memory footprint of network scanner
  • Improved performance of behavioral profiling by 20-30%
  • Improved geolocation scanning
  • Fixed minor memory leak when getting process information
  • Updating user profiling blocks with several new data aggregators
  • Updated copyright information for 2018

3.2.1 – December 18, 2017

  • Stopped Enterprise console reporting of Browser Clean
  • Added more detailed logging for HTTP transfers

3.2.0 – December 7, 2017

  • Optimized memory usage throughout
  • Added Network>>Whitelist Managed column to identify globally managed domains
  • Added Protect menu option to access settings and Install mode
  • Added descriptive text to blocked executables to remind users they can whitelist
  • Added Expand and Collapse options to Forensics options
  • Added Expand and Collapse options to System options
  • Added Expand and Collapse options to Geography options
  • Added user based whitelisting on multi user machines to ensure all accounts are protected
  • Added local state storage for collapse state to all sections
  • Improved device id detection for virtual machines
  • Added Global process whitelisting for Enterprise users
  • Improved packet detection performance
  • Improved HTTP performance

3.1.2 – November 14, 2017

  • Various performance optimizations
  • Support for DDE Auto blocking
  • Updated Forensic icons and categories to match Enterprise console
  • Updated Ad blocking

3.1.1 – November 7, 2017

  • Added automatic Bug Reporting to application

3.1.0 – October 11, 2017

  • Added Enterprise capabilities and cloud console (licensed separately)
  • Consolidate threats across all devices
  • Report all threats, geofence restrictions, spyware and suspicious activity
  • Graphical dashboard
  • Control all settings remotely
  • Lock aspects of the UI remotely
  • Trending analysis
  • Device inventory
  • Device Grouping
  • Multi-user administration and control
  • 500% improvement in cleaning performance
  • Support for files greater than 4GB
  • Improved memory usage across the board
  • Improved performance and decreased CPU activity across the board
  • Improved installer for older systems
  • Fixed edge cases for calculating next run times
  • Fixed processed time display when no previous run was found

3.0.1 – August 10, 2017

  • Added new whitelist rules
  • Updated various translations added for Dutch and Danish
  • Added enterprise notification options for browser cleaning
  • Fixed data insertion error when using restricted character codes
  • Fixed character encoding when using extended character codes

3.0.0 – June 28, 2017

  • Completely rebuilt as a Service so it can be used without elevated privileges
  • Added mapping of Geographic blocks on world map
  • Added Ukraine to default countries to block
  • Added Browser auto clean option so that browser is cleaned after each exit
  • Added new Enterprise options for configuration purposes
  • Added customization option for Geographic blocks in Network options
  • Added support for Windows 10 Creators Update
  • Added Disable feature to allow installation of new applications
  • Terminal / Remote Services now supported
  • Can also operate seamlessly without a UI if desired
  • Policies are now dynamically applied like all other rulesets
  • Improved performance across the entire stack for less than 1% CPU
  • Installs for all users of the machine and is licensed accordingly
  • Updated Event Viewer window to show more detail
  • Whitelisting capability for applications running in forbidden locations
  • Added encryption layer to all rulesets for added security
  • Ensure event text is truncated for long entries in main tile
  • Renamed ok button in license registration dialog to cancel
  • Fixed microphone volume detection notifications that could notify with setting off
  • Make events user specific when using terminal/ remote services
  • Clicking on message balloon event will bring up the event viewer
  • Wrap License key when entering into registration dialog
  • Added WhiteList Snapshot button to Network > Blocked
  • Improved Icon scaling in Network dialog when running on high DPI settings
  • Updated and added new Menu icons for high DPI systems
  • Automatically re-enable policies after 10 minutes inactivation for installs
  • Changed date format to more universal 24 hour format
  • Refactored host and process dialogs for larger screens

2.7.3 – April 6, 2017

  • Added policy exclusion when running executables directly from Internet Explorer
  • Resolved policy cleanup when upgrading from older versions

2.7.2 – April 4, 2017

  • Improved rules for preventing file execution inside protected folders with deep nesting
  • Blocked more anonymous network routing using TOR proxies
  • Updated Advertising networks for bitcoin ads
  • Improved network scanning performance approximately 50%
  • Improved blocking when using HTTPS
  • Added Spotify to Whitelisting rules until they fix the installation
  • Remove non printing characters in License key

2.7.1 – March 20, 2017

  • Fixed issue which would stop updater running in some circumstances

2.7.0 – March 7, 2017

  • Added blocks for anonymous networks
  • Added blocks for geographic regions
  • Added execution blocks in temporary locations
  • Added execution blocks to over 100 double extensions such as txt.exe
  • Added execution blocks to non standard locations
  • Changed default color on map to black
  • Improved application cleanup and memory management
  • Prevent multiple notifications from the same threat vector
  • Ensure automatic updates to the application
  • Provide MSI installer option to Enterprises

2.6.4 – February 1, 2017

  • Fixed system tray icon from disappearing in some systems
  • Improved filtering performance
  • Removed false positives when detecting DNS threats

2.6.3 – January 31, 2017

  • Added enterprise licensing model
  • Added more detail to threat messages such as the originating process and port
  • Added acknowledgements menu item for third party libraries and licensing

2.6.2 – January 23, 2017

  • Added new license format decoding

2.6.1 – January 17, 2017

  • Fixed an obscure bug when parsing SSL
  • Removed debug messages from console

2.6.0 – January 13, 2017

  • Improved logging performance on busy devices
  • Improved interface on high DPI screens
  • Added new icons to System settings
  • Changed requests to use SSL by default
  • Improved database performance and concurrency
  • Updated System Tray Icon with multiple states
  • Implemented System Service for core tasks
  • Fixed icon displayed in Windows 10 when viewing background tasks in process viewer
  • Updated translations

2.5.3 – January 2, 2017

  • Added debug symbols for bug reporting purposes
  • User interface now adapts to high DPI screens with larger icons
  • Updated rules based on Russian hack information from US government

2.5.2 – December 20, 2016

  • Updated Licensing dialog to cope with more licensing scenarios
  • Updated Dutch translations
  • Added detailed error reporting and new crash reporter

2.5.1 – November 14, 2016

  • Fixed dashboard redraw after sleep/wake cycle on some Windows 7 laptops
  • Fixed error when exporting network data to Excel with no domain/country information

2.5 – October 18, 2016

  • Major interface update highlighting threats and easy access to cleaning and other stats
  • Added visual traffic map to main interface to highlight traffic destination
  • Updated System Tray Icon for Windows 7 and 8.1 to align with system style icons
  • Identified more System processes during network profiling
  • Force rule update when selecting update from menus
  • Updated rules for Edge browser when navigating to infected sites
  • Improved the performance, parsing and error handling of json files
  • On Windows 8 and above we offer the option to turn off “Smart Multi-Homed Name Resolution” which significantly improves the security of your machine
  • Updated thumbnail cache removal on Windows 10
  • Updated various settings for Windows 10 Centennial edition
  • Updated Firefox password deletion for newest versions
  • Fixed crash when parsing certain foreign language configuration files
  • Optimized network profiling with malformed network packets
  • Improved network blocking performance and reduced CPU usage even further
  • Improved notification mechanism when dealing with threats
  • Added rules for emptying recycle bin and downloads directory
  • Added System settings for the Microsoft Edge browser to keep your data private
  • Improved cache flushing when changing network settings
  • Improved periodic gelocation flushing algorithm
  • Added Default option to system privacy settings
  • Optimized all tiles with Direct2D for rendering and performance
  • Enabled the removal of Microsoft Edge History and Caching at the OS level

2.0.3 – September 12, 2016

  • After applying a license key the application no longer requires a restart

2.0.2 – September 8, 2016

  • Changed application icon to align with MacOS version
  • Improved screen redraw on Windows 10 based devices

2.0.1 – August 24, 2016

  • Added new “defaults” option to Forensics dialog
  • Allow reset of all statistics using Ctrl-R
  • Renamed blocking of “Computrace/DDS and LoJack” to “Forensic Tools” to block a wider range of tools
  • Improved memory management
  • Updated all rulesets to detect over 25m threats

2.0.0 – July 18, 2016

  • Added over 24 million blocks for Ransomware and Spyware
  • Added Block Page message to browser when trying to access blocked URL’s directly
  • Added specific option for forensic tools instead of being grouped under spyware
  • Added new License menu option to make changing licenses easier
  • Added ability to turn off the reminder when executing a second instance
  • Added many new rules for Windows 10 and recent OS updates
  • Added forensic rules for over 30 new applications
  • Added deletion of Temporary Internet Files
  • Added historical charts for Profiling and Advertising
  • Added markers to gauges displaying recommended levels
  • Added remote desktop disable option to system settings
  • Clicking on Threats dashboard entry now opens threat event window
  • Change default value for microphone volume checking to off
  • Check for updates before performing initial install
  • Prevent updater from running if it is already executing in the scheduler
  • Translated Welcome message into native language equivalents
  • Improved process detection for edge cases
  • Ensure windows services are validated before being shutdown
  • Ensure spyware deactivation does not notify on subsequent scans
  • Validate license server before checking license
  • Moved Events into the View menu
  • Changed Diagnostics to Log and moved into the View menu

1.3.1 – June 1, 2016

  • Ensure non routable addresses are not flagged internally
  • Added decimal place to dashboard statistics for larger values
  • Fixed null error when discovering process paths
  • Improved threat detection performance by approximately 20%

1.3.0 – May 27, 2016

  • Added counters to the main dashboard to show the number of blocks over a 24 hr period
  • Added Danish Translation
  • Added Dutch Translation
  • Validate network connection before attempting product update
  • Updated frequency of Tile redraws
  • Changed Traffic Tile highlight color so hover is more obvious
  • Removed Internet connection check on installer which did not work correctly with multiple NIC cards enabled
  • Create Firewall exception on systems that block all outbound connections
  • Ensure that unchecking spyware switches off spyware detection

1.2.0 – May 3, 2016

  • Added Excel export of weekly traffic report for Network auditing and data breach purposes. Supports xlsx and xls formats
  • Added Excel export of weekly summary report for Network auditing and data breach purposes. Supports xlsx and xls formats
  • Added behavioral analysis for detecting ransomware connections when communicating with Command and Control servers
  • Added notifications when attempting to connect to suspicious domains
  • Added ability to lookup domains in VirusTotal for further information from context menu
  • Changed manual blocking to rules based blocking so application is preconfigured on startup
  • Fixed loading of older traffic tile calculations if application was restarted
  • Improved database persistence performance for network auditing
  • Tweaked Navigation labels to be more consistant with documentation
  • Changed gauge colors to a different palette
  • Improved domain name detection for SSL connections
  • Removed text welcome screen and replaced with a graphic
  • Added infrastructure for multiple languages for future releases

1.1.0 – April 6, 2016

  • Automatically open main window if user tries to run a second copy of the application
  • Ensure window opens and positions correctly on multiple monitors
  • Resize traffic window and buttons correctly when DPI is greater than 100%
  • Added Twitter, Facebook and Google links to main dashboard

1.0.6 – March 11, 2016

  • Ensure time stamps are updated when loading new rules
  • Added View menu option for displaying traffic detail in addition to the tiles
  • Improved memory management when dealing with large traffic volume
  • Added streamlining of preprocessed packets to increase performance

1.0.5 – February 29, 2016

  • Added Quick Start to Help Menu
  • Fixed display of blocked endpoints in the network dialog
  • Ensure Windows 7 based installs have been correctly patched with SHA256 support (KB3033929)
  • Added Log Rolling capability for diagnostics

1.0.4 – February 19, 2016

  • Updated Signing certificates to SHA256 to prevent problems on Windows 7
  • Various Performance and memory improvements
  • Added foundation work for traffic triggering in next major release

1.0.3 – February 15, 2016

  • Various performance improvements
  • Updated System Privacy metric calculations

1.0.2 – February 8, 2016

  • Initial Public Release
  • Real-time removal of online advertising, data collection and profiling
  • Spyware detection and blocking
  • Forensic data removal
  • System privacy lockdown
  • Microphone notifications
  • Application and endpoint blocking