Intercept X - hmpalert-test.exe Exploit succeeds [ROP - system() in msvcrt ] & Keystroke Encryption/Screen Grabbing Protection

I know that Sophos has merged Hitmanpro/HitmanPro.Alert within themselves, and I decided to run the hmpalert-test.exe as a test for some of the same exploits that the Sophos Tester tool has. I used the publicly available hmpalert-test.exe from the Sophos website (x86 v1.9.2) and the "ROP - system() in msvcrt exploit" succeeds with no alerts/blocking from Intercept X. Can you please analyze and advise on this? Running Windows 10 Enterprise x64, not a VM.

Along the topic of HitmanPro.Alert - I know the keystroke logging option of the hmpalert-test.exe is not listed as an exploit, but it would be nice if Intercept X included protection from screen/key grabbing, or at the very least encrypted keystrokes like HitmanPro.Alert does (which it actively shows, especially on sensitive websites, which is great for clients to see, as it gives them a better sense and feeling of protection). I mention this because it is a HUGE sell for the Healthcare Industry (of which most of my clients are comprised), who are trying to limit their liability with HIPAA regulations, mainly by making the move to the cloud rather than storing PHI (Patient Health Information) locally; but web portals and anything they type/view is still a huge risk/vulnerability and as such a HIPAA violation if their keystrokes are recordable outside of the necessary application (say Chrome/Edge/Mozilla/Internet Explorer) or if screen grabbing techniques are employed when entering Patient Health Information. So while Healthcare Clients may not store the data locally (hence the cloud move, less liability if breached because the onus is not on them for compromised PHI then), if the data a Healthcare Employee is entering is captured as it is typed into, say, a web portal for online cloud storage, then they are still held liable by HIPAA and the penalties would be significant.

 

Best regards,

Alex Thompson


