RansomWhere? Changelog

What's new in RansomWhere? 1.2.5

Jun 12, 2018
  • on upgrade, list of pre-installed apps is retained
  • improved code signing checks (mahalo @midnite_runr!)

New in RansomWhere? 1.2.4 (May 27, 2018)

  • Expanded whitelist
  • Fixed file handle leak
  • Reduced false positives by ignoring gzipped files

New in RansomWhere? 1.2.3 (Oct 6, 2017)

  • Improved memory usage.

New in RansomWhere? 1.2.2 (Sep 29, 2017)

  • Improved error checking.

New in RansomWhere? 1.2.1 (Sep 27, 2017)

  • improved High Sierra compatibility
  • improved process path resolution

New in RansomWhere? 1.2.0 (Apr 20, 2017)

  • Added process monitoring to:
      • reduce time to detect untrusted processes
      • track children that are creating encrypted files
      • identify trusted processes creating encrypted files on behalf of an untrusted ancestor
  • Added process signing info to alert window
  • Added ability to persistently approve unsigned binaries (via hash)
  • White listed (via code-signing auth) more AV products, and other false-positives
  • Bug fixes, code optimizations, etc.

New in RansomWhere? 1.1.0 (Apr 14, 2017)

  • added process signing info to alert window
  • added ability to persistently approve unsigned binaries
  • white listed (via code signing auth) more AV products, and other false-positives
  • bug fixes, code optimizations, etc.
  • added process monitoring to:
      a) reduce time to detect untrusted processes
      b) track children that are creating encrypted files
      c) identify trusted processes creating encrypted files on behalf of an untrusted ancestor

New in RansomWhere? 1.1.0 (May 24, 2016)

  • expanded monitoring to entire file-systems (not just /Users/*)
  • extended support to older OS X versions (back to OS X 10.8)
  • added command-line interface ('-install' and '-uninstall' for easier (non-UI) deployment)
  • alerts and user's response now logged to system log
  • now trusts signed/verified apps from Mac App
  • white listed (via code signing auth) various AV products, and other false-positives
  • gray listed Apple-signed apps such as Python, etc (to not explicitly trust)
  • explicitly set launch daemon plist to r/x
  • improved enumeration for installed/baselined apps
  • improved UI (alert, install window, etc)
  • added drop down menu for installer
  • created .dmg and .pkg builds for easier deployment
  • bug fixes, code optimizations, etc.

New in RansomWhere? 1.0.0 (Apr 20, 2016)

  • Initial release