gwin

I know marcos, none 100% security vendor to abble guarantee detection and totally full protected of all possible objects, but this information can help anyone ESET user, to inform that the product they use can detect and protect against this type of ransomware, and try to see other aspects that are lacking to ward off this attack. thank you @Marcos

Hello everyone, on my region this variant ransomware is popular right now, this variant can infected multiple platform and this is very dangerous, because, I'm a worried about this type of ransomware threat, i know ESET abble to detection one of variant based on virus total. https://www.virustotal.com/gui/file/4800a67ceff340d2ab4f79406a01f58e5a97d589b29b35394b2a82a299b19745 But this one of variant lockbit 3.0 ? i dont know. is there any information related to ESET being able to detect variant Lockbit 3.0 such as information on the detection engine version and dates lauch or articles related to ESET having detected this variant. this data can use me and my team to push work hard to try defend more agresive on another scope, if ESET can detect this variant at long ago, I hope this article can also help others who need this information. thank you,

Thanks a lot Marcos Regards,

Hello ESET, The RansomEXX attack has been spreading a lot lately, I'm using ESET products so far not affected by this attack but is there any information regarding this type of ransomware attack, has it been detected by ESET For the variant name Detection ? The latest specific version of the module that contains this detection ? and whether for version 9.1 endpoint security can detect it ? , because some PCs still use Windows 7 Sp1. thanks and best regards,

I have the same problem agent can connect after restart service and a short time cannot connect agent again, same operating system Ubuntu Server 20.04 LTS version my ESET PROTECT Services : 10.0.2133.0, I also searched in some articles and can't find any information what the log status means, is there any information about the log status and how to fix it

hello @Omo i got same problem on several time, i check a logging agent and my communication on my client pc, if they are connected maybe need time completed sync to eset protect server logging location you can read this documentation : https://help.eset.com/protect_install/10.0/en-US/log_file.html I hope to help you with this explanation regards,

Hello everyone i looked at one of the logs on my server ESET Protect version 10, and got an error with this code Error: CReplicationModule [Thread 7f4db0dd1700]: RpcCheckReplicationConsistencyHandler: Failed to process request with error: random_device::random_device(const std::string&): device not available Error: NetworkModule [Thread 7f4dc9602700]: remote_endpoint: Bad file descriptor [system:9 at /mnt/toolchains/linux-gnu-gcc11.3.0-ep-9.1/opt/x86_64-linux-gnu/boost/1.80.0/include/boost/asio/detail/reactive_socket_service.hpp:218 in function 'remote_endpoint'] Is there an explanation related to the error, and is there a configuration miss that I did when upgrading my reference to upgrade using this link : https://help.eset.com/protect_install/10.0/en-US/upgrade_procedures.html my server using ubuntu 20.04 LTS Server. regards,

Hi everyone, i have the same problem here this problem happened to one of my on-premise console version 9.x, but i tried to apply this policy to trial cloud console to get other references, every time i do a direct search on webcontrol rules, so far it always throws an error and shows a notification to load repeat. I tried another version, Eset Protect version 8.1, the error didn't appear. Below is an example of an error that appears on the Eset Protect Cloud trial *version: EPC10.0.1042.0* *locale: en_US* *user.agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0 (gecko1_8)* *document: https://us02.protect.eset.com/era/webconsole/0488CCBC010421396299DB7626131C4B.cache.html* *url: https://us02.protect.eset.com/era/webconsole/#id=POLICIES:id=EDIT_POLICIES;u=426bcfc0-4c98-445a-ad01-da122bbd8073;e=false;wa=true;p=1* *error:* Config engine error: Internal CE: Array filter set gui filter failed, Status 7 Product: eset.local.products.endpoint Last loaded screen: wca.webcontrol.rules Last requested screen(s): wca.webcontrol.rules RPC method: _CE.rpc_api.array_filter_set_gui_filter maybe @obee can share the version of eset protection, which you are using, so we all know what version it happened in regards,

i had the same problem, but this problem hit to me on esmc version 7.x and i upgraded to version 8.1, this problem can be solved, i don't know this problem can happen again on new version, i will think twice about upgrading eset my current protection Does this happen because of the eset protect service or are there other components that have problems related to tweaking or the like, so far I haven't gotten any definite information.

Hello all I have a need to use the ip-guard application, I have tried to exclude it but the application installation process that I use still cannot run, because the tree process is still detected by ESET Endpoint Security is there a way to completely exclude all processes of this application, and if not, is there an explanation regarding why this application was blocked by eset (as a threat) Regards,

hello everyone, i have question about integration ESET PROTECT to ELK Stack, is posible to integration with that, berfore i look on menu settings can integration with syslog server. and if posible to integration with that, is there any documentation regarding this integration regards

Hello everyone EEI/EI is one of great product, iam use yearly to help me and my team to know issue of malware and similiar yet. i try to know this product step by step, and my question can EEI integration with Mitre ATT&CK and use external rules like Yara and Sigma rules. because on base knowledge i am not find this topic, one of i find create rules with base .xml : https://help.eset.com/tools/ei/ei_rules_guide_1.7.pdf i think its good for eei can use external rules to improve existing database rule list and detection

I know it doesn't guarantee 100% detect this attack but at least if it has been detected, then if it is attacked the possibility of an outbreak will be reduced to infect another device thank you for information @Marcos maybe i can check to another aspect to prevent this attack.

I read information from my friend and some news, many are affected by this type of ransomware, can ESET detect attacks from this ransomware? and is there any data signature update version information for this attack detection and prevention I am used ESET Endpoint Security, version 9.0.2046.0 last update 6/28/2022 11.42.29 AM Windows 10 20H2 64 Bit I'm afraid that ESET can't detect and prevent it yet thank you.

PDF or CSV status report name difference on ESET PROTECT I found two different status names on PDF and CSV In PDF status write in ABCD and then on CSV write on number (1,2,3) what is the meaning number on status CSV, does this mean the same as in the pdf ? is there any official documentation related to this On PDF FIle On CSV FIle