HitmanPro.Alert - wersje stabilne

[OXYGEN THIEF]

HitmanPro.Alert 3 build 171 Release Candidate

HitmanPro.Alert 3 build 171 Release Candidate

Changelog

Improved CryptoGuard mitigation
Improved ROP mitigation
Improved HeapSpray mitigation
Improved Hardware-Assisted Exploit Mitigations
Improved compatibility with EMET 5.1
Improved compatibility with Sandboxie 4.16
Fixed BSOD on some systems
Various small internal fixes

Download

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

Please let me know how this version runs on your computer :thumb:

 

[OXYGEN THIEF]

HitmanPro.Alert 3 build 172 Release Candidate

HitmanPro.Alert 3 build 172 Release Candidate

Changelog

Fixed Sandboxie 4.16 ROP message

Download

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

Re: HitmanPro.Alert

CryptoWall 3 and CTB-Locker defeated by HitmanPro.Alert

 

[OXYGEN THIEF]

HitmanPro.Alert 3 build 180 General Availability

HitmanPro.Alert 3 build 180 General Availability

Since the four Community Technical Previews of HitmanPro.Alert 3 last year, our customers and the security community showed strong interest. Enhanced with the valuable feedback that we received, we are excited to announce the general availability (GA) of HitmanPro.Alert 3 – build 180.

HitmanPro.Alert version 3 introduces Exploit Mitigations, of which its hardware-assisted Control-Flow Integrity (CFI) technology is perhaps its most striking feature. CFI is a technique to prevent flow of control not intended by the original application, without requiring the source code or debug symbols of the protected application. With CFI, HitmanPro.Alert 3 effectively stops attackers that hijack control-flow to combine short pieces of benign code, already present in a system, for a malicious purpose; a so-called return-oriented programming (ROP) attack. This capability is achieved by programming and leveraging a hardware feature in modern Intel® processors to track code execution and assist in the detection of attacks in real-time – an industry-first method not found in any other security product.

Besides a performance advantage, employing hardware traced records has a security benefit over software stack-based approaches. Stack-based solutions, like Microsoft EMET, rely on stack data, which is (especially in case of a ROP attack) in control of the attacker, who in turn can affect or control the defender as well.

Cybercriminals and hackers are becoming increasingly more proficient in finding and attacking previously unknown vulnerabilities to bypass antivirus software as well as memory protections (DEP+ASLR) to silently infiltrate computers. Well known cases that led to the discovery of zero-day attacks, like Operation SnowMan, GreedyWonk and Clandestine Fox (uncovered by security firm FireEye) as well as the recent Adobe Flash Player exploits, show that attackers are adept in creating malware (shellcode) by borrowing instructions from legitimate applications running on the victim computer – a ROP attack. Antivirus software is not designed to block this as a ROP attack does not require malicious files or processes. HitmanPro.Alert version 3 is built to stop existing and future attacks whether they are conducted by exploit kits or (foreign) nation-state hackers, without requiring prior knowledge of attacks or abused vulnerabilities.

Besides Exploit Mitigations, HitmanPro.Alert 3 also offers Man-in-the-Browser Intruder Detection (Safe Browsing), Cryptolocker Protection (CryptoGuard), System Vaccination, Webcam Notifier, Keystroke Encryption, BadUSB Protection and our Forensics-based Anti-Malware.

Download

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

Screenshot

Review
We asked Malware Research Group (MRG Effitas) to test and write an independent review on HitmanPro.Alert 3. In addition we sponsored their Real World Exploit Prevention Test comparison wherein they threw a very diverse set of in-the-wild exploits (12 different exploit kits) and attacks on 16 different vulnerabilities, against 13 different products.

Second part of the comparison revolved around an artificial zero-day exploit attack. The purpose of this attack is to provide a more realistic picture of the capabilities of security software against real zero-day attacks. Just like real-world exploit attacks, this attack has not yet been discovered by security researchers and is unknown to blacklist-based technologies that rely on prior discovery, like URL filtering and virus signatures (which is a good indication why all security solutions, other than Microsoft EMET and Malwarebytes Anti-Exploit, failed te detect this attack).
We also provided MRG with an advanced ROP chain and shellcode for their artificial zero-day attack, which is able to bypass every popular anti-exploit solution.

The techniques that we used to defeat these solutions are not new and available in the public domain for a long time. The purpose of our attack is to show readers that any motivated attacker is able to (re-)weaponize exploits to bypass security solutions. In effect it also shows the power of our unique hardware-assisted exploit protection technology. We provided all the details surrounding our attack as well. They are made available by MRG Effitas for verification by interested researchers.

You can download the report (which includes the review, comparison and the artificial zero-day attack) from this link:

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

Release notes build 180 GA (changelog compared to build 155 RC)

Improved Lockdown mitigation to enforce safe execution of VBScript. This mitigates the exploitation technique known as "VBScript God Mode".
Improved Load Library mitigation to detect shellcode.
Improved Load Library mitigation to detect reflective loaded libraries.
Improved branch-based hardware-assisted ROP mitigation (part of Control-Flow Integrity).
Improved software-based ROP mitigation (part of Control-Flow Integrity).
Improved IAT Filtering.
Improved Dynamic Heap Spray mitigation.
Improved CryptoGuard mitigation, specifically protection of connected network drives.
Improved BadUSB mitigation.
Improved Enforce DEP mitigation.
Improved Safe Browsing intruder alert, which now also shows the correct technical details.
Improved Software Radar.
Improved compatibility with EMET 5.1.
Improved compatibility with Sandboxie 4.16.
Fixed upgrade from HitmanPro.Alert version 2 to version 3. In previous builds, the upgrade could affect the functionality of the existing connected keyboard.

Changelog compared to build 179 RC

Improved HeapSpray mitigation.
Improved network driver compatibility.

Remarks

HitmanPro.Alert 3 allows experienced computer users to apply exploit mitigations to applications of their own choosing. But the following software types should not be protected by HitmanPro.Alert:
Anti-malware and intrusion prevention or detection software
Debuggers
Software that handles digital rights management (DRM) technologies (i.e. videogames)
Software that use anti-debugging, obfuscation, or hooking technologies
HitmanPro.Alert 3 is not compatible with the Microsoft Enhanced Mitigation Experience Toolkit (EMET) version 5.2. As workaround you can disable EAF and EAF+ in EMET 5.2. HitmanPro.Alert is fully compatible with EMET 4.1 and EMET 5.1.

 

[andyxa]

Re: HitmanPro.Alert

HitmanPro.Alert 3 build 181

Changelog
Improved Shellcode mitigation
Improved keystroke encryption on applications in the Other category
Fixed keystroke encryption was no longer working when service was manually restarted.
Changed default flyout to once per logon session
Changed default live keystroke encryption in colored window border to off
Existing users are automatically updated.

Note: The changed defaults only apply to fresh installs. Upgraded installations keep the previous default setting to avoid confusion.

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

HitmanPro.Alert 3 Build 183 (2015-04-17)

HitmanPro.Alert 3 Release History

Build 183 (2015-04-17)

Improved DEP mitigation.
Improved HeapSpray mitigation.
Improved Control-Flow Integrity mitigation.
Improved Lockdown mitigation.
Improved Shellcode mitigation.
Improved compatibility with RapidMiner.
Improved compatibility with Kaltura.
Fixed false positive on streaming sites using Silverlight; eg. Netflix.com and itvonline.nl.
Fixed apostrophe and quote character encryption in Internet Explorer on Windows 7.
Fixed right-click properties alert in Internet Explorer.
Fixed flyout not appearing when an update is pending.

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[fluid]

Re: HitmanPro.Alert

HitmanPro.Alert 3.0.41 Build 187

Added application exclusion to Exploit mitigations. Scroll to the far right on the 'Your applications' panel to access this new feature, which should only be used for rare occasions when an application is incompatible with Alert's library.
Improved CryptoGuard mitigation.
Improved BadUSB compatibility with OEM keyboards.
Improved BadUSB compatibility with the Surface Home Button on Microsoft Surface Pro tablets.
Improved BadUSB compatibility with keyboards with macro functionality.
Improved Keystroke Encryption which sometimes dropped out after using Windows-key.
Improved compatibility with Microsoft Office add-ins based on .NET, e.g. gSyncit.
Improved Network Lockdown compatibility with the Malwarebytes Anti-Malware Web Access Control driver on Windows 8.
Improved Software Radar to detect web browsers that do not immediately register themselves as browser upon installation, e.g. Cyberfox.
Improved Dynamic Heap Spray mitigation.
Improved compatibility with Trusteer Rapport.
Improved VBScript God Mode mitigation (part of Application Lockdown).
Fixed Application Lockdown false positive on SharePoint based websites.
Fixed rare BSOD in HitmanPro.Alert driver.
Updated language strings.

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

HitmanPro.Alert 3 build 193

HitmanPro.Alert 3 build 193

Changelog

Improved upgrade experience from HitmanPro.Alert version 2 to version 3.
Improved Keystroke Encryption in combination with browser add-ons running as separate process.
Improved Keystroke Encryption which sometimes dropped out due to race condition triggered by 3rd party security products performing arbitrary thread injection.

Download

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[fluid]

HitmanPro.Alert 3.0.48 Build 196

Improved Load Library mitigation.
Improved CryptoGuard.
Fixed compatibility with Distributed File Servers (DFS).
Fixed network issue with Windows Offline Folders failing to synchronize.
Fixed keystroke encryption with backslash key on numeric keypad and dedicated volume up/down keys.
Fixed DEP mitigation false positive on 32-bit processes (eg. Firefox).

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

HitmanPro.Alert 3.0 users are now automatically updated to Alert 3.1 build 340.

Changelog (compared to 3.0):

Added full support for Windows 10, including TH2.
Added support for Microsoft Edge browser.
Added Exploit Mitigation support for Windows Apps (Metro applications).
Added Anti-Ransomware install mode.
This mode supports Windows Server 2008 R2 (or newer) environments. Requires Server license.
Added support for 6th generation Intel® Core™ processors (codename Skylake).
Added SysCall mitigation.
Added WoW64 mitigation.
Added untrusted font mitigation for computers running Windows 10.
Added VTable Hijack mitigation on Adobe Flash.
Added new Colored Window Border implementation to support Windows Apps (Metro applications).
Added new Keystroke Encryption implementation.
Added GUI access to alert logs in Windows Event Viewer (on Windows Vista and newer).
Added Control Flow Guard support.
All binaries of HitmanPro.Alert have been compiled with Control Flow Guard (CFG).
Improved DEP mitigation.
Improved ROP mitigation.
Improved Heap Spray mitigation.
Improved Stack Exec mitigation.
Improved Stack Pivot mitigation.
Improved Safe Browsing intruder detection.
Improved USB keyboard handling.
Improved Installer/uninstaller.
Added Arabic language.
Added Danish language.
Added Indonesian language.

Reference:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

HitmanPro.Alert 3.1.0 Build 343 Released

Release History:

Improved hardware-assisted ROP mitigation.
Improved DEP mitigation.
Improved BadUSB mitigation.
Improved upgrade procedure.
Improved hooking engine.
Fixed compatibility with Avast! on 64-bit systems.
Fixed keystroke encryption compatibility with Trusteer Rapport.

Download:

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[andyxa]

HitmanPro.Alert 3.1.0 Build 351 Released

Build 351 (2016-01-19)

Added Silent Audit feature.
Added dual code signed signatures (Authenticode) on EXE, DLL and SYS files.
Improved Webcam Notifier to support Windows Hello.
Improved feedback to user when failing to activate a product key.
Improved keystroke encryption when BadUSB is disabled.
Improved settings upgrade from old version of Alert.
Fixed keystroke encryption compatibility with Trusteer Rapport.
Fixed race condition when specifying both /install and /lic command line switches.
Fixed rare BSOD in hmpnet driver on some Windows 10 computers (build 10586).
Changed BadUSB protection default to off for new installs.
Updated network component for improved compatibility and performance.

download

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[fluid]

HitmanPro.Alert 3.1.7 Build 357

Added support for Windows 10 Insider Preview build 14251 (Redstone).
Fixed hmpnet.sys not enabling on Windows 8 (or newer).
Fixed crash when passing additional argument along /install command line switch.
Fixed SelfProtection false positive.
Fixed Teredo Tunneling Adapter. It is no longer disabled.
Changed Vaccination default from Active to Passive on fresh installs.
Improved CryptoGuard mitigation (Anti-Ransomware).
Improved BadUSB mitigation.
Improved upgrade of BadUSB and Vaccination settings.
Improved compatibility with Emsisoft Internet Security 11.0.0.6131.
Improved compatibility with Avast! on Windows 8.1 x64.
Improved compatibility with Kaltura.
Improved uninstall information.
Improved uninstall of hmpnet.sys on 32-bit systems.
Added protection against DLL preloading attacks.
Updated several translations.

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[OXYGEN THIEF]

HitmanPro.Alert 3.1.9 Build 362



Build 362 (2016-04-04)

Improved CryptoGuard mitigation (Anti-Ransomware) to fix a bug introduced with build 357.
Improved ROP mitigations.
Improved keystroke scrambling of Keystroke Encryption.
Fixed compatibility with VirtualBox hardening.
Fixed compatibility with Microsoft Edge 31.14279 (Redstone).
Fixed compatibility with Microsoft OneNote' e-mail function.
Updated embedded libpng library.

Download

Zaloguj lub Zarejestruj się aby zobaczyć!

 

[fluid]

HitmanPro.Alert 3.1.9 Build 364

Fixed an issue with Application Lockdown mitigation on browsers

Spoiler: pokaż

Zaloguj lub Zarejestruj się aby zobaczyć!