New Update CyberLock 8.0

[Fan-of-spyshelter]

 

[RSE9]

Is this setting enabled for you? If so, disable it.

That fixed it, thanks!

 

[Victor M]

@danb What Exactly does CyberLock do with scripts; cscript, powershell etc, LoLbins, and fileless attacks? If answered previously, please point me to the thread or post #. Thanks. Your previous answer was vague, saying only that they are handled. Doing some shopping and evaluation for a client.

 

[n8chavez]

That fixed it, thanks!

Awesomesauce!

 

[danb]

@danb What Exactly does CyberLock do with scripts; cscript, powershell etc, LoLbins, and fileless attacks? If answered previously, please point me to the thread or post #. Thanks. Your previous answer was vague, saying only that they are handled. Doing some shopping and evaluation for a client.

Quite simply, if those items are not whitelisted / manually allowed, they are automatically blocked. But there are exceptions. For example, apps that are in Program Files can have the scripts they call automatically allowed, pending certain checks. There are actually tons of hardcoded rules that we have added and refined throughout the years, so there are always exceptions to the simple answer that they are blocked.

Also, once we integrate Sirius into our other products, we will be able to seriously cool stuff with the items you mentioned above. Any potential attack that is text based that I have analyzed with Sirius has been 100% correct, and usually with 100% confidence. But to give you a simple idea of how it is going to work... say Edge starts the Photos app... we will send info like the process, parent process, command line, publisher, etc to the LLM for analysis, with instructions on how to analyze that particular attack chain / file type / etc. So with the Edge launching Photos, as long as there are not any malicious or obfuscated command lines, (like it is an obviously benign call), then the item will be auto allowed. Once I finish with Siris in the next 2-4 days, I will see if I can come up with some better examples. Right now my brain is tired. Thank you!

 

[n8chavez]

@danb, is there any way you can make your Cyberlock smart firewall rules for the WFP and not just for Windows' firewall? There are better third party programs for the WFP than there are for Windows' firewall anyway.

 

[danb]

@danb, is there any way you can make your Cyberlock smart firewall rules for the WFP and not just for Windows' firewall? There are better third party programs for the WFP than there are for Windows' firewall anyway.

Probably so, I will have to look into it to be sure, thank you for the suggestion!

 

[Helmut]

I'm a little confused now:

https://protergo.id/cyberlock-malware-hits-ai-users-with-fake-installers/

CyberLock Malware Hits AI Users with Fake Installers

CyberLock ransomware spreads through fake installers mimicking popular AI tools.

 

[n8chavez]

I'm a little confused now:

https://protergo.id/cyberlock-malware-hits-ai-users-with-fake-installers/

Confused about what? The name of the malware? Why does the name matter? It doesn't. It has nothing to do with cyberlock.global.

 

[Helmut]

Then it is a misinterpretation on my part regarding English.

Here (in German) only the name Cyberlock is mentioned in connection with ransomware, developed with Powershell, which confused me (Cyberlock and CyberLock, there is a difference?).

 

[Avethil]

Cyberlock and CyberLock, there is a difference?).

Hello, this is the thread for CyberLock cybersecurity software CyberLock - Automated and Effortless Zero-Trust Endpoint Protection , not for CyberLock ransomware, of course

 

[danb]

Hey Guys,

The Sirius integration into our other products is complete. We have a few small things to finish up, but these versions should be good to go.

I have not yet decided what we are going to do for the Sirius Snaspshot scan, and if it is going to replace the WhitelistCloud scan, mainly because the WhitelistCloud scan still has some value.

CyberLock still has the classic User Prompt as well, but you can use the new Sirius User Prompt by enabling the "Display simple user and mini prompts" option in the UI Tweaks tab. We will probably rename this option since the Sirius User Prompt replaced the old Simple Mini Prompt.

There should not be too many bugs, but I am sure we will find a few small things that need to be fixed.

SiriusGPT 0.80 beta
https://www.cyberlock.global/downloads/InstallSiriusGPT80.exe
SHA-256: b27a8d9cb21743b1010347816be2630d1ec53798739b5eaf1f7caa83f6bb0ee2

CyberLock 8.40
https://www.cyberlock.global/downloads/InstallCyberLock840.exe
SHA-256: d71d6601437e520a90cd4abaf00672c93fa296f6152a56b863c43c91455bb27c

DefenderUIPro 1.40
https://www.cyberlock.global/downloads/InstallDefenderUIPro140.exe
SHA-256: e6d7b5017aa826615b8317dc99292793f708159c6beff6a16280c83f9aa9b278

WDAC Lockdown 1.40
https://www.cyberlock.global/downloads/InstallWDACLockdown140.exe
SHA-256: 03c84ea49106a7ee1be9cf9cf3a63d928f28df3c00ad9eb64a94582c9baee99c

I will catch up on the posts when I get a chance, thank you guys!

 

[Kongo]

Never upgraded my Cyberlock to a new version. Do I need to install it on top of my current install of v. 8.02 or do I need to uninstall the old version before running the new installer?

 

[danb]

Sorry, I forgot, yes, you can install over the top if you like (for all of the products we released today). If you have a super old CyberLock installation that is like over a year old, I would uninstall, restart the computer and reinstall, and I would click Yes when it asks if you want to delete the Settings and Logs.

 

[Kongo]

Sorry, I forgot, yes, you can install over the top if you like (for all of the products we released today). If you have a super old CyberLock installation that is like over a year old, I would uninstall, restart the computer and reinstall, and I would click Yes when it asks if you want to delete the Settings and Logs.

Thanks @danb

 

[n8chavez]

This new version seems to be working well here. The new version installed just fine. I uninstalled SiriusGPT first. Also, I am not using any of my old whitelists or previous version's settings. One thing I would like it to see SiriusGPT take over the whitelist. They seem to overlap a ton, and users can just exclude (whitelist) anything within SiriusGPT anyway. Having both seems redundant. The stronger of the two should be used. The same goes for the on-demand scan.

 

[Kongo]

This new version seems to be working well here. The new version installed just fine. I uninstalled SiriusGPT first. Also, I am not using any of my old whitelists or previous version's settings. One thing I would like it to see SiriusGPT take over the whitelist. They seem to overlap a ton, and users can just exclude (whitelist) anything within SiriusGPT anyway. Having both seems redundant. The stronger of the two should be used. The same goes for the on-demand scan.

It's working well on my end too but I now don't see the difference between Cyberlock and SiriusGPT anymore. So now there is no more VoodooAi and second opinion scan option?

 

[n8chavez]

I was under the impression that VoodooAI was replaced why WhiteCloud a while ago. There is, for now, a WhiteCloud scan option, but I think that'll be replaced by something like SiriusGPT's snapshot scan. I don't really care what CL uses, as long as the stronger of the scans is used.

 

[Kongo]

I was under the impression that VoodooAI was replaced why WhiteCloud a while ago. There is, for now, a WhiteCloud scan option, but I think that'll be replaced by something like SiriusGPT's snapshot scan. I don't really care what CL uses, as long as the stronger of the scans is used.

That's true but for paying costumers additional tokens for manual SiriusGPT scans would be a nice addition considering that the free standalone SiriusGPT app offers the same amount of tokens (50k) per day.

 

[n8chavez]

That's true but for paying costumers additional tokens for manual SiriusGPT scans would be a nice addition considering that the free standalone SiriusGPT app offers the same amount of tokens (50k) per day.

As does Cyberlock. At least that's what it displays on the top of the GUI, to the right of "Threats Blocked". I believe that number in both cases was 50k. I'm sure something will be worked out. But remember, tokens are not free. They come at a costs, and I don't think @danb should have to shoulder that. Cyberlock has been improved, that should costs users too.