Video Review RansomOff - First Look at New User Interface

Discussion in 'Video Reviews' started by Captain Awesome, Oct 1, 2017.

?

Do you like new GUI?

  1. Yes

    42.5%
  2. Need more work

    30.0%
  3. No

    27.5%
  1. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,294
    5,745
    Far East
    #21 HarborFront, Oct 27, 2017
    Last edited: Oct 27, 2017
    IMO, the color of black and grey combo is a poor choice. Maybe you can come out with a few GUIs with different color selection for the user to choose

    :)
     
  2. cruelsister

    cruelsister Level 32
    Trusted

    Apr 13, 2013
    2,131
    12,418
    NYC
    Funny you should ask as I was screwing around with the bunch earlier this week with a specific focus on modified NotPetya variants. The most impressive result came from an application that I mercilessly mocked in the past, that being RansomFree. Not wanting to accept that either they improved or (God Forbid!) that I could have been wrong I also added on some other nasties and sadly got a very good (perfect for my malware set) result. As I misplaced my Ranstop credential so I couldn't test that one.

    So although both Ranstop and AppCheck have excellent backup options I question efficacy of AC due to the NP result; jury is still out on Ranstop until I can test it.
    That leaves Ransomfree and RansomOff. Once RansomOff comes out of RC status it may (will) have the greater utility due the HIPS, but the HIPS settings have to be optimized some way to prevent FP's. RansmomFree has improved and I guess can now be considered a viable option.
     
  3. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    Thanks. We changed some things up a bit from the video but it still has a dark layout. Once we finally get the updated release out maybe we will go back and add an option so you can select a light or dark layout.

    Speaking of the updated release, it should be any day now. There are just a few finishing touches left.
     
  4. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    We released it back in March so a few months old but always constantly evolving and improving.
     
  5. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,294
    5,745
    Far East
    #25 HarborFront, Oct 28, 2017
    Last edited: Oct 28, 2017
    @HeiDef

    I refer to the features listed on your website particularly

    Heilig Defense RansomOff

    Startup change detection
    System file change detection
    Process hollowing detection

    Are these protected by RansonOff besides just detection? It's no point having detection without protection.

    One suggestion. Can you show what ransomware are being protected against by RansomOff on your website like when the ransomware was neutralized etc This allows the user to know the effectiveness of RansomOff against the latest ransomware. Maybe the earlier ones you can lump them together but starting with some of the latest ones, say for the past 2 months or so, can you assign some dates to them?

    Thanks
     
    XhenEd likes this.
  6. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    RO does some analysis on the actions to filter out legit operations but like you said, the tuning of the HIPS settings as well as any exemptions goes a long way in preventing unnecessary notifications.
     
    Azure Phoenix, HarborFront and XhenEd like this.
  7. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    With the addition of the new HIPS settings in the soon-to-be-released version, all of the things that RO detects can be blocked at the point in time of notification.

    For the website, do you mean just a list of ransomware families RO protects against? Or video demos of new ransomware strains?
     
    HarborFront and XhenEd like this.
  8. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,294
    5,745
    Far East
    #28 HarborFront, Oct 28, 2017
    Last edited: Oct 28, 2017
    That's great. Waiting for the official release then.

    No need video. Just a tabulated reverse chronological listing with dates and status will do. This will keep the user informed of the latest ransomware and the speed at which RansomOff can neutralized them e.g. of status like 'Neutralized', 'Working On It' etc

    A table like

    Name of Ransomware............Status.............Date Neutralized

    Thanks
     
    XhenEd likes this.
  9. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    RansomOff is signature-less so the neutralized date should be whatever date the ransomware is released. Now obviously no software is 100% but for the most part RO can handle the majority of ransomware as it comes out.

    But I understand your point. A website refresh is on our to-do list which will make it more informative of RO's capabilities.
     
    XhenEd and HarborFront like this.
  10. cruelsister

    cruelsister Level 32
    Trusted

    Apr 13, 2013
    2,131
    12,418
    NYC
    #30 cruelsister, Oct 28, 2017
    Last edited: Oct 29, 2017
    Guys- I came to my senses and will be publishing the RansomOff vs RAT video tonight before I go out. This will be for a single RAT sample but will indeed demonstrate the HIPS.

    Plus the song is too pretty to waste...

    Correction to a previous post above- Although RansomFree did indeed stop BadRabbit and the initial NotPetya malware that I tried, my cat re-coded NotPetya (Ophelia is such a bitch) and RansomFree failed.
     
  11. Lightning_Brian

    Lightning_Brian Level 7

    Sep 1, 2017
    339
    1,703
    Information Technology
    USA
    Windows 10
    Norton
    @HeiDef Nice! I'll be putting this software to test in my virtual machine sometime soon. I'm really liking everything I'm seeing thus far. I'm quite excited about this software.

    @cruelsister Thanks for publishing the videos. Nicely done!
     
    XhenEd likes this.
  12. paulderdash

    paulderdash Level 3

    Apr 28, 2015
    121
    331
    In the æther ...
    God forbid! Ophelia is clearly on your side ;).
     
  13. Telos

    Telos Level 8

    Jan 29, 2017
    375
    985
    Baana
    Agree 100%.

    I seldom interface with the GUI. Set and forget. And should ransomware raise its head, I shan't complain of how my rescuer clothes herself.
     
  14. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,294
    5,745
    Far East
    @HeiDef

    Your website says RansomOff detects and defeats the latest threats with Next-Gen defense by using machine learning techniques to evaluate and stop threats in real-time, even unknown ones.

    Heilig Defense

    So do you consider RansomOff as a TRULY Next-Gen security software?

    Thanks
     
  15. HeiDef

    HeiDef From HeiDef
    Developer

    Mar 27, 2017
    77
    415
    US
    Our other security product, Correlate, uses ML techniques. RansomOff does not. But I can see how the website could confuse. I'm not sure if the term next-gen has a standard definition but I've generally taken it to mean a signature-less solution able to handle new and emerging threats. In that case, RansomOff fits that definition. So depending on how you define next-gen, your mileage may vary.
     
  16. plat1098

    plat1098 Level 5

    Aug 23, 2017
    227
    1,332
    Brooklyn
    Windows 10
    Microsoft
    You got HIPS coming up? :love: Count me in. If successful, this may replace some redundant and therefore unnecessary software and settings. (y) I'll be watching.
     
  17. bjm_

    bjm_ Level 3

    May 17, 2015
    106
    180
    Zestafoni, Georgia
    Windows 10
    Microsoft
    #37 bjm_, Oct 29, 2017
    Last edited: Oct 29, 2017
    Please do not install RansomOff at this time if you have Secure Boot enabled.
    ?
    isn't there a real security advantages to having Secure Boot enabled

    Edit:
     
  18. boredog

    boredog Level 8

    Jul 5, 2016
    387
    809
    Retired
    usa
    Windows 10
    Malwarebytes
    Where is the new video link posted?
     
  19. paulderdash

    paulderdash Level 3

    Apr 28, 2015
    121
    331
    In the æther ...
    #39 paulderdash, Oct 30, 2017
    Last edited: Oct 30, 2017
    Yikes, I wasn't even aware of this, but I haven't had a problem on my old Dell XPS with Win 10 Pro x64 v1709 16299.19 with Secure Boot enabled.
     
  20. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,483
    Utopia
    I have two windows 10 machines, and one gives me stern warnings when the drivers are not co-signed by MS, while the other machine is more lenient. I don't understand why.
    But if it works, it works.
     
    HarborFront and XhenEd like this.
Loading...
Similar Threads Forum Date
Q&A RansomOff Bug with OneDrive for students Other Security for Windows Yesterday at 3:34 AM
Update RansomOff 5.2018.1.6291 (RC1) Other Security for Windows Jan 1, 2018
Update RansomOff 5.2017.365.6848 (RC1) Other Security for Windows Dec 31, 2017