New Update VoodooShield CyberLock 7.0

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,784
@danb when you have time (near future) could you explain optimal usage of Attack Chains. Eg, I just updated to 7.69, install no problems seen, and I have 240 attack chains listed, probably collected over the past several weeks. What are we looking for there, and how often should user clear to start recording a new list? :unsure:
PS liking the Windows Sandbox feature a lot :D on my hardware win10. (so far my VMware win10s will not run Windows Sandbox -- but fwiw, I started to run Sandboxie-Plus in VM. :whistle:)
 

Victor M

Level 13
Verified
Top Poster
Well-known
Oct 3, 2022
645
Not that I can think of. Can you please send me the Xcitium alert and I can look into this and try to make sense of it? Thank you!
cyberlock-write.png
 

Attachments

  • cyberlock-write.png
    cyberlock-write.png
    215.6 KB · Views: 68
Last edited:

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
@danb when you have time (near future) could you explain optimal usage of Attack Chains. Eg, I just updated to 7.69, install no problems seen, and I have 240 attack chains listed, probably collected over the past several weeks. What are we looking for there, and how often should user clear to start recording a new list? :unsure:
PS liking the Windows Sandbox feature a lot :D on my hardware win10. (so far my VMware win10s will not run Windows Sandbox -- but fwiw, I started to run Sandboxie-Plus in VM. :whistle:)
Sure, the Attack Chains feature mainly works under the hood, drastically reducing unnecessary user prompts, and requires zero user intervention.

The Attack Chains tab in CyberLock settings gives you an idea of what is going on under the hood, but it is not absolute because hardcoded or user rules can override the events listed in the Attack Chains tab. There are a lot of new features we will be implementing soon that will make the Attack Chains feature even more useful. One of the things I use it for is if there is ever a process that is running that I am not sure where it originated from, I can search in the Attack Chains tab and find out exactly where it originated.

Yeah, I am loving Windows Sandbox as well... it really is a perfect fit with CyberLock. We will be able to do some more really cool things with the Windows Sandbox integration very soon. Thank you!
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
A few users have asked about how the Attack Chains tab takes a few seconds to load, here is a brief description of why...

It takes a while to enumerate the attack chains and apply the rules, there is not much that can be done about that, some operations just take time. If we enumerated the attack chains and applied the rules when the CyberLock Settings are opened, it would lag every single time Settings was opened, whether the user clicks on the Attack Chains tab or not. Probably the best thing we can do is to add a progress bar during this operation. I thought greying out the Attack Chains tab would suffice, but this does not appear to be the case.
 

scorpionv

Level 2
Apr 20, 2020
87
A few users have asked about how the Attack Chains tab takes a few seconds to load, here is a brief description of why...

It takes a while to enumerate the attack chains and apply the rules, there is not much that can be done about that, some operations just take time. If we enumerated the attack chains and applied the rules when the CyberLock Settings are opened, it would lag every single time Settings was opened, whether the user clicks on the Attack Chains tab or not. Probably the best thing we can do is to add a progress bar during this operation. I thought greying out the Attack Chains tab would suffice, but this does not appear to be the case.

I can imagine enumerating and sorting the Attack Chains in a database the moment a new Attack Chain is added (like a database INSERT), and loading only the top 30 when opening the page (like a database SELECT). Further SELECTs are only necessary when the user scrolls, or changes the sort order.

But I don't know what goes on behind the Attack Chains scenes, and if this is even a possibility.
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
Seeing the attack chains is useful but I'm fine with it taking what is currently 10 seconds to display them as it's only to delve further into blocks but it's not something I've had to look into beyond some OEM software blocks.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
I can imagine enumerating and sorting the Attack Chains in a database the moment a new Attack Chain is added (like a database INSERT), and loading only the top 30 when opening the page (like a database SELECT). Further SELECTs are only necessary when the user scrolls, or changes the sort order.

But I don't know what goes on behind the Attack Chains scenes, and if this is even a possibility.
Sure, we can look into this, thank you!
 
  • Like
Reactions: simmerskool

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
@danb I don't even see why users would need to see AC info ... What would you use the info for? 🤔
Most users never even open CyberLock Settings. Most of the Attack Chain features happens under the hood, but it is nice to see what is going on under the hood if you are an advanced user. We will be adding features to the Attack Chain feature, then it will make sense why they are included in settings. That, and if you are curious what is spawning a certain item, you can quickly find it in Attack Chains.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


New gadget.png


Thank you guys!
 

Oldie1950

Level 7
Verified
Well-known
Mar 30, 2022
306
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


View attachment 281001

Thank you guys!
I like it very much!
 

ErzCrz

Level 23
Verified
Top Poster
Well-known
Aug 19, 2019
1,222
@danb Really like the look of the new icons and echo what @oldschool said.

What might be good feature is to have it be a double click to turn it on or off rather than a single click so it's not turned off in error. Or even just with a single click, showing the Mode so you can just select from the list and choose what mode you wish to have CL/VS in as I pop it in autopilot when I'm changing some software or there's a game update etc.
 

v4npro

New Member
Apr 20, 2019
7
Hey Guys!

I have been playing around with the desktop shield gadget design, can you please try this version and let me know what you think?

If we do change to this type of desktop shield gadget, we will be able to have better descriptive labels other than simply ON and OFF, and we will be able to localize the labels for all of the languages. It will take a little while to get used to, but I think after a day or so most people will like this change, but please let me know what you think!


View attachment 281001

Thank you guys!

I like it as well. Is it possible to give us options. I wouldn't mind having an icon without the logo and perhaps a thinner border.
 
  • Like
Reactions: danb

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,742
@danb Really like the look of the new icons and echo what @oldschool said.

What might be good feature is to have it be a double click to turn it on or off rather than a single click so it's not turned off in error. Or even just with a single click, showing the Mode so you can just select from the list and choose what mode you wish to have CL/VS in as I pop it in autopilot when I'm changing some software or there's a game update etc.
Thank you, I will keep your suggestions in mind. We have played around with the single and double click in the past and always ended up where it currently is, but we can certainly revisit this as well.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top