New Update VoodooShield CyberLock 7.0

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
update to above: still running CL 7.65 I let win10 update to new_outlook, I got outlook to login to my email, then clicked a link in an email and YES, Edge opened to that link INSIDE WinSandbox. :D Nice.

Yeah, the timing for the automatic upgrade could not be more perfect ;).

Thunderbird should still work with but you might get the following message.

View attachment 280554

If anyone does get a message like this, please post or email me the message, along with which email client you are using, and it will be fixed for the next version.

I really need to spend a few hours and install each email client and tweak them so they all work properly. I just have not had a chance to do so.
haha I did get that EXACT popup after Mail "updated" to new_outlook, and then Sandbox opened anyway running Edge and opened to the email link I clicked.

PS only semi-related, but down in the systray (or whatever it's called now) I have no icon for Mail or Outlook, only blank zone where the icon is or should be and 1-click on that zone opens the eg Outlook. I think this is NOT a CL issue but something with win10

PS2 update: on win10 running 7.65 and now new_Outlook, I do get the admin warning popup but it dissolves and Edge opens in Sandbox. :) This time I changed CL config launch email to [Ask] and it worked aok giving me the option to open Sandbox or Edge. Here is something I do not understand but again more MS related than CL related. Outlook is logged into my imap email server and inbox, but Outlook does not know or find contacts stored in that webmail server. :unsure: Perhaps I can import... IMO Outlook is too busy, I am too unfamiliar with it.

another experience update: now running 7.66 and Thunderbird 115.6 imap config. fwiw, I prefer TB. I clicked a link and I did get that popup

>>This file does not have an app associated with it for the performing this action. Please install an
>>app or, if one is already installed, create an association in the Default Apps Settings page.

but then the Win_Sandbox did open with Edge displaying the URL linked page...

@danb
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Hey guys, I still have to catch on the posts and email, but for now here is a version that should work great with all versions of Outlook and Thunderbird. While testing, it appears that Microsoft is doing away with the Mail app and having everyone upgrade to Outlook, on both Windows 10 and 11. If that is the case, we will not even worry about getting the new sandbox feature to work with the Mail app. I also added the Floorp web browser.

CyberLock 7.67
SHA-256: 4f556c36e4cefee947a16517a67468863e7a30d3aa360c0af29a4ed9ca04ed72

So everything should be working perfectly with the major email clients in 7.67, but please let me know if something is not working quite right. I will start testing and tweaking the lesser known email clients the next couple of days, thank you guys!
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
CyberLock 7.67

So everything should be working perfectly with the major email clients in 7.67
yes confirmed here (fwiw) Thunderbird 115.6.0 worked aok with CL email launch without the app association popup.
sidenote: what is "weird" is seeing webpage adds in Sandbox_Edge -- I am use to seeing mostly clean filtered webpages, no distractions. o_O:rolleyes:
 
  • Like
Reactions: danb and Dave Russo

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Hey Guys,

Here is 7.68, it should be pretty much ready for public release, but if you find anything please let me know! I finished the language translations for the new features, so hopefully those are all working correctly. I also finished polishing the new Windows Sandbox features.

BTW, I played around with enabling Windows Sandbox on Home versions of Windows, and I was not able to get it to work, and I do not think it is going to work reliably moving forward. So we are not going to support the new Windows Sandbox feature for Windows Home versions. And honestly, I would not even try installing Windows Sandbox on Home editions of Windows… it takes forever to install and does not seem to work.

I was able to catch up on the emails, but I have not caught up on the MT posts yet, I hope to do that soon.

CyberLock 7.68
SHA-256: 7d6aeafd82af62e1899ef619459d63957b761811ab3336ab479c64efdd8207bd


Thank you guys!

Dan
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
BTW, I played around with enabling Windows Sandbox on Home versions of Windows, and I was not able to get it to work, and I do not think it is going to work reliably moving forward. So we are not going to support the new Windows Sandbox feature for Windows Home versions. And honestly, I would not even try installing Windows Sandbox on Home editions of Windows… it takes forever to install and does not seem to work.
Still a little pricey for the Pro Upgrade at my end so will wait until later in the year but I'm happy enough that VS/CL can simply block/quarantine the unknowns/malware, which was usually the option I went with when using the likes of CF :)
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
@danb Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL search order hijacking technique," cybersecurity firm Security Joes said in a new report exclusively shared with The Hacker News.


the above DLL warning was posted in another thread, but wonder if VS/CL protects against this threat? :unsure:

Here is 7.68, it should be pretty much ready for public release,

CyberLock 7.68
SHA-256: 7d6aeafd82af62e1899ef619459d63957b761811ab3336ab479c64efdd8207bd
curious on win10 hardware pc, using Edge with Malwarebytes Browser Guard it just blocked this download! with memo 2.6.17 |Heuristics: a suspicious download.
but I also downloaded 7.68 on VM with Edge with Malwarebytes Browser Guard and it was not blocked.
EDIT update, but on 2d try same Edge, this time 7.68 downloaded aok.
anomaly day 2024... (and it's only day 002 :rolleyes:)

Installed 7.68 on hardware win10, CL Sandbox feature working as expected with Thunderbird... :D
and I have the Sandbox disabled on my VMware win10_VM, as it does not "recognize" the virtualization. Dan mentioned it might work to create a nested sandbox with the right tweaks. Not necessary, just wondering if anyone knows how to do this... :unsure:
 

gorblimey

Level 3
Verified
Aug 30, 2017
101
... Ultimately, we are moving away from a decouple whitelist of various items, to an app based product. ...
Hi Dan, long time no see.

Just a couple of points - the main one being the app-base development. I'm one of the multitude who see no reason to move down to W10+++ (and very many of those are corporate!) from the heights* of Win7 which is not familiar with "apps". Desktop PCs don't seem to tolerate "apps", at least from what I've seen on my daughter's W10 lappy which -- really!!! -- has TWO Outlooks, one an actual program in Program Files and also a well-concealed app which I had to hunt down like I was in WinBadXP to get VS to see it!

* There was Win2K which was perfection incarnate, then the crazies in MS seized power, before the counter-revolution which granted us Win7 (nearly perfect).

The other point is one you mentioned about fixing the light mode display. I have just upgraded to 7.63, and the light mode is catastrophic in the true MS fashion, blinding white backgrounds and black wording. It would be worth replacing the text backgrounds with maybe 243,254,211 (light parchment) and 0,51,0 (easy-on-the-eye font colour) just as a start. Actually, all the black bits could be replaced with 0,51,0 or similar, it is just easier on the eyes. I use the Windows Classic desktop so this is easy for me if the program allows it, but it doesn't, so...

... Aaaand, the alert bar :( It took me a while to get past the Dark Mode and see the options, NOT helped by sitting just above my task-bar AND merging with the Dark Mode of the CL display.
 

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
Hi.
This software has caught my eye and i am wondering, as i get it, it protects the browser also so there is no need for Sandboxie, really.
I am a long time continual user of VS/CL, but I cannot explain what goes on, exactly how it protects, under the hood, when I was more familiar with Sandboxie, the question I would ask is CL protecting apps running with Sandboxie, and inside Sandboxie. From what I can tell, both sbie+ & CL seem compatible on win10, no slowdowns. I assume both are doing different things security-wise, with no slowdowns, so if you like sbie, use it. Perhaps @danb could chime in about this.
 

pxxb1

Level 10
Verified
Well-known
Jan 17, 2018
484
I am a long time continual user of VS/CL, but I cannot explain what goes on, exactly how it protects, under the hood, when I was more familiar with Sandboxie, the question I would ask is CL protecting apps running with Sandboxie, and inside Sandboxie. From what I can tell, both sbie+ & CL seem compatible on win10, no slowdowns. I assume both are doing different things security-wise, with no slowdowns, so if you like sbie, use it. Perhaps @danb could chime in about this.

I have asked him by mail and will see what he says but, basicly CL locks down the browser so it should be as safe as with sandboxie. The thing with sandboxie is that you have other options and of course that it is another kind of app - protection, but the basic browser protection should have the same intention behind it, if i got it right.

I like the fact that with CL one can run any file in Windows sandbox and so test programs, just like with Shadow Defender, Deep Freeze etc. But without the restart which is a big bonus. So if one runs Sandboxie and Deep freeze, one can uninstall them and use CL instead, 1 instead of 2.
 
Last edited:

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,785
I have asked him by mail and will see what he says but, basicly CL locks down the browser so it should be as safe as with sandboxie, the thing with sandboxie is that you have other options and of course that it is another kind of app - protection. But the basic browser protection should have the same intention behind it, if i got it right.

I like the fact that with CL one can run any file in Windows sandbox and so test programs, just like with Shadow Defender, Deep Freeze etc. But without the restart which is a big bonus. So if one runs Sandboxie and Deep freeze, one can uninstall them and use CL instead, 1 instead of 2.
yes, I am liking the CL Win Sandbox feature which is very new. It is good for security, and you can run sbie+ at the same time, and in some ways sbie+ is a little more user friendly... My understanding is that CL locks down the system when browser is running.

EDIT IMO CL is very user friendly, I meant sbie+ running a browser has the browser's features you normally use while CL Win Sandbox runs a pure featureless Edge, no extensions, etc, no access to clipboard, etc, so it primarily used for inspecting unknown URL arriving in your email client. You can add an extension, but then when you close Win Sandbox, all features are gone and next you open it, you have to reinstall extensions, etc, if you want to do that.
 
Last edited:
  • Like
Reactions: [correlate]

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
I have asked him by mail and will see what he says but, basicly CL locks down the browser so it should be as safe as with sandboxie, the thing with sandboxie is that you have other options and of course that it is another kind of app - protection. But the basic browser protection should have the same intention behind it, if i got it right.

I like the fact that with CL one can run any file in Windows sandbox and so test programs, just like with Shadow Defender, Deep Freeze etc. But without the restart which is a big bonus. So if one runs Sandboxie and Deep freeze, one can uninstall them and use CL instead, 1 instead of 2.
I'm a new VS/CL user but VS/CL protects your whole system from any unknown files including malware using whitelisting and behaviour blocking. I don't have Win 11 Pro so not using the sandbox feature at my end but it locks down your system and prevents from unknowns and malware from running as well as analysing those files in the cloud. I believe the cuckoo sandbox (cloud environment) is still an option with CL/VS but I've not tried it. It's light on the system and I'm really enjoying it.
Have a look at the website and the manual or even download the trial version.
1704660030785.png
 

scorpionv

Level 2
Apr 20, 2020
87
Feature request: Remember sort order on 'Whitelist' (Editor), 'User Log', 'Command Lines' and 'Attack Chains' tabs. These revert to a default setting everytime CyberLock (the PC) restarts.

I think the same goes for the other tables in the Cyberlock GUI as well, but no time to test it now.
 

1chaoticadult

Level 2
Verified
Jul 29, 2013
54
Feature request: Remember sort order on 'Whitelist' (Editor), 'User Log', 'Command Lines' and 'Attack Chains' tabs. These revert to a default setting everytime CyberLock (the PC) restarts.

I think the same goes for the other tables in the Cyberlock GUI as well, but no time to test it now.
I can confirm this. But it also reverts to default settings on these mentioned tabs when I close the app. It's annoying but should be an easy fix for Dan.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Feature request: Remember sort order on 'Whitelist' (Editor), 'User Log', 'Command Lines' and 'Attack Chains' tabs. These revert to a default setting everytime CyberLock (the PC) restarts.

I think the same goes for the other tables in the Cyberlock GUI as well, but no time to test it now.
Thank you for the suggestion, we will look into this for future releases.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Hi @danb
Have you thought about adding the Bosnian/Croatian/Serbian language? I can help with that and correct any errors that appear in the translation
Not yet, but we should probably add a bunch of new languages soon. Thank you for offering to help!

We should probably make a list of new languages to add. Does anyone else have any suggestions on what other languages we should add?
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top