Advice Request BlackFog - Anyone Used It?

Please provide comments and solutions that are helpful to the author of this topic.

Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
www.blackfog.com

BlackFog Privacy Cyberattack and Ransomware Prevention

BlackFog Privacy provides cyberattack protection and ransomware prevention for home and business.
www.blackfog.com www.blackfog.com

Giving it a trial, so far impressed but not seen much about it on here, the interface isn't wonderful & options not plentiful, so far looks very good - Anyone else used it?
 
  • Like
Reactions: Stopspying, HarborFront, harlan4096 and 5 others
B

BVLon

Cortex said:
www.blackfog.com

BlackFog Privacy Cyberattack and Ransomware Prevention

BlackFog Privacy provides cyberattack protection and ransomware prevention for home and business.
www.blackfog.com www.blackfog.com

Giving it a trial, so far impressed but not seen much about it on here, the interface isn't wonderful & options not plentiful, so far looks very good - Anyone else used it?
Click to expand...
Lots of glamour and first test - Norton detects something with IPS.
This software does nothing.

1583711465883.png


Then I kept testing and testing... did not see it in action at all. It is hard to say that this software is effective.
They use fancy naming for stuff that's been around since the early web age. For example there is a tool called "forensics". By the name I got impressed, thinking this tool might help me track and analyse attacks. Upon clicking, I discovered that it shreds the browser history on exit or scheduled for specific time... Something McAfee has called QuickClean...
GeoFence seems useless to me...
Exfiltration is a basic traffic monitor and we all know a better one.
Settings are... I just could not figure them out.

Conclusion: this is a paid software that to me looks more like a joke
 
Last edited by a moderator:
  • Like
  • Wow
  • +Reputation
Reactions: Antus67, Venustus, roger_m and 5 others
Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Thanks for that, it does a fantastic job of ad-blocking though, no idea about what else it does? 😮 - The interface is from Windows 3, GeoBlocking does work though not sure how useful it is - Got a 30 trial so can't lose much - I too am running Norton 360- Found a thread on Wilders, has potential maybe?

Fog.jpg
 
  • Like
Reactions: Venustus, roger_m, plat and 4 others
B

BVLon

Cortex said:
Thanks for that, it does a fantastic job of ad-blocking though, no idea about what else it does? 😮 - The interface is from Windows 3, GeoBlocking does work though not sure how useful it is - Got a 30 trial so can't lose much - I too am running Norton 360- Found a thread on Wilders, has potential maybe?

View attachment 234609
Click to expand...
I updated my comment to reflect the software better...I don't think it is useful.
 
  • Like
  • HaHa
Reactions: Venustus, plat, oldschool and 3 others
Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Used BlackFog for a couple of days & put it on my other half's new lappy & have to say I'm most impressed, I think enough to buy it - I appreciate others may not be but for me it does a great job.. I tried it a few months back & was undecided but IMHO, worth a try (y)(y)
 
  • Like
Reactions: Dave Russo, plat, Venustus and 4 others
Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Azure said:
There's a long running thread over at Wilders and a developer is active there.
www.wilderssecurity.com

BlackFog Privacy

BlackFog's fileless cybersecurity software protects your online and offline privacy using real-time predictive threat detection. With 9 layers of...
www.wilderssecurity.com www.wilderssecurity.com
Click to expand...
Thanks I found that yesterday, the developer seems to be quite active - Thanks again :):)
 
  • Like
Reactions: Venustus, Protomartyr, BVLon and 3 others
Darren Williams

Darren Williams

Level 1
Mar 10, 2020
10
Just noticed this forum discussion. Happy to respond to any questions you guys may have. From a high level perspective we focus on Privacy and security and rather than focus on fingerprinting like all the other tools that exist we focus on data exfiltration, so we are able to stop attacks as they happen in real time by looking at the individual packets coming from the device itself.

As someone pointed out, we have a long running discussion on Wilders that might be useful from a discussion point of view as its a quite a different a approach. You will notice that we have very few false positives as well, so while you may think it is not doing anything it is actually quite busy.

If you have specific questions I am happy to answer them.
 
  • Like
Reactions: Venustus, Cortex, roger_m and 9 others
B

BVLon

Darren Williams said:
Just noticed this forum discussion. Happy to respond to any questions you guys may have. From a high level perspective we focus on Privacy and security and rather than focus on fingerprinting like all the other tools that exist we focus on data exfiltration, so we are able to stop attacks as they happen in real time by looking at the individual packets coming from the device itself.

As someone pointed out, we have a long running discussion on Wilders that might be useful from a discussion point of view as its a quite a different a approach. You will notice that we have very few false positives as well, so while you may think it is not doing anything it is actually quite busy.

If you have specific questions I am happy to answer them.
Click to expand...
So what's your approach and what are you trying to protect against?
 
  • Like
Reactions: Venustus, Cortex, roger_m and 4 others
Darren Williams

Darren Williams

Level 1
Mar 10, 2020
10
Here is a snippet of a response from Wilders:

BlackFog sits at layer 3 of the Network stack and watches all outbound traffic and watches for anomalies in behavior, this includes data leaking to known C&C servers, crypto mining sites etc. We look at how protocols are formed, what it is sending, how and where to determine if it is legitimate and block accordingly. We have about 12 different parameters (many more under development) that are used to determine legitimacy of the traffic. In addition we monitor executable location to prevent files being dropped on your machine. As pointed out this is very complex to do and it is done in real time.

We designed this to be no intrusive and minimize false positives.

We have a lot of blog articles that talk about each aspect in a lot more detail if you are interested. I would point you to the following as a starting point:

All About Data Exfiltration
 
  • Like
  • Thanks
Reactions: Venustus, Cortex, roger_m and 7 others
B

BVLon

Darren Williams said:
Here is a snippet of a response from Wilders:

BlackFog sits at layer 3 of the Network stack and watches all outbound traffic and watches for anomalies in behavior, this includes data leaking to known C&C servers, crypto mining sites etc. We look at how protocols are formed, what it is sending, how and where to determine if it is legitimate and block accordingly. We have about 12 different parameters (many more under development) that are used to determine legitimacy of the traffic. In addition we monitor executable location to prevent files being dropped on your machine. As pointed out this is very complex to do and it is done in real time.

We designed this to be no intrusive and minimize false positives.

We have a lot of blog articles that talk about each aspect in a lot more detail if you are interested. I would point you to the following as a starting point:

All About Data Exfiltration
Click to expand...
So you are saying your software can protect against data leaks, botnets, crypto-mining and file-less malware. Your software is supposed to block an executable from being written via PowerShell?
 
  • Like
Reactions: Venustus, Cortex, roger_m and 6 others
Darren Williams

Darren Williams

Level 1
Mar 10, 2020
10
A really good way to see what is going on is to run BlackFog and switch off the Profiling and Web Advertising options. Then use your browser to goto a few news sites. Then go to the exfiltration pane and click hosts. It will bring up a list of all the hosts that data is being exfiltrated to. Now turn those features back on and press CTRL+R (to reset the stats to zero) and do it again. Note how much the traffic has decreased in terms of the number of hosts and volume, normally by at least 50%.

You can do this for many of the other options as well. You can also review the events pane to see what it is actually blocking. I think you will be surprised by what you see.
 
  • Like
Reactions: Venustus, HarborFront, roger_m and 6 others
Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
Hi: Darren, I noticed on my BF rules were from February which I was going to ask about but just noticed very recently now updated - I haven't had to to read the whole thread on Wilders but I'm assuming your rules don't need updating as frequently as for example 'Normal'' Ad rules for example - Excuse my ignorance but just been using BlackFog a few days but so impressed bought it :):)
 
  • Like
Reactions: Venustus, roger_m, oldschool and 3 others
Cortex

Cortex

Level 26
Thread author
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
@Darren: Can you please answer a question, I've read all the info I can find & I think read the thread on Wilders but: Whatever I do with BlackFiog hidden or not I get a list of each & every site I've visited for anyone to view in 'ExFiltration' 'Hosts' - I don't mind Processes being view-able but all the sites I visit is the opposite of what I'm looking for in a big way, like the worst case scenario. There doesn't seem to be anyway to stop this happening altogether, I can't think of a reason I would ever want that? The screenshot with a couple of entries to show a potential issue is with Fog hidden. Hope there is a way & I'm wrong :oops:

CropImage.jpg


EDIT: I have the same situation on my other half's lappy, totally different PC, same situation, Events needs a clear button or no log for some don't keep events they too have IP's associated.
 
Last edited:
  • Like
Reactions: roger_m, Stopspying, Protomartyr and 4 others

Similar threads

simmerskool
    • Like
    • Applause
Advice Request Manjaro & vpn
Replies
38
Views
900
ChromeOS & Linux
lokamoka820
lokamoka820
Shadowra
    • Like
    • +Reputation
    • Applause
App Review UltraAV Antivirus 2024
Replies
28
Views
2,541
Video Reviews - Security and Privacy
Shadowra
Shadowra
Shadowra
    • Like
    • +Reputation
    • Wow
App Review MeyeProtect Antivirus 2024
Replies
2
Views
643
Video Reviews - Security and Privacy
Seandc33
S

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top