khairulaizat92

News from Bleeping Computers: https://www.bleepingcomputer.com/news/security/iobit-forums-hacked-to-spread-ransomware-to-its-members/ Personal Note: Man that nasty, if eset forum is hacked, and i got this type of email, im surely gonna be tricked. Anyway, when i checked at virus total, eset still not update the dll detection yet. I wonder if in the real time it already been added to the detection?

Noted, thanks for the info 😁

Dear Sir Mdm, Im authorised reseller for ESET. And recently i have few customer that using ESET Cloud Solution on the premise. So my question is, is there anyway i can manage the customers account in EBA and ECA using my company email address instead of need to logged in using the customers credential? I tried by adding my email at Customer A EBA account and assign the highest permission available. Then i tried to add my email on Customer B EBA account, but it rejected saying that the email address already existed (referring to the email present at Customer A EBA Account). So is there anyway that i can access the customer account via EBA and ECA using my own same credential instead of having to depends on customers credential to logged in?

ESET Internet Security with Anti-Theft features should work nicely on your laptop, in the end, it depends on your budget. I do think it much cost saving to purchase for 2 or 3 users license instead of purchasing 1 to 1 license. Try asking ESET on your origin country for more info.

Hi Good Day, I will answer based on my ESET region experience. 1) do you purchase boxes license or online license? Boxes license can be activated anytime, while online license, the license activated the first day of your purchase. 2) As your purchase new license, i dont think it will extend the current existing subscription. I believe you should wait near expiry date. 3) Yes you can insert into license manager at my.eset.com, the license will be manage separately one another so there will be no issues it will mixed up with other activation code. Once your current subscription expired, simply put the new license on your current existing installation. Im just curios, did your origin country did not offer renewal pricing? renewal will extend the current subscription instead of replacing it with the new one. And do you purchase separate license for that 3 device or 1 license for 3 device?

For some region the license offered up to max 3 years. But then again, if you purchase 1 license (3 user 1 year) the start date start at the first day of purchase for online purchases, and first day of the 1st device activation for box purchases. Unless if you purchase 3 different license for 1 device (Box version). Then you might be able to use is year after year after yea. But please refer to your local eset support either the license can be kept for more than a year or two yea.

Hi, I have found certain cases in Malaysia, and it might be the same for you in your case. You have purchase illegal license from unauthorized reseller. And usually this pirate reseller has abuse the way license being activated by selling it to so many people at the same time. I didnt know how they manipulate this, but on the recent years i have seen decreasing in this kind of cases maybe to ESET new license manager. My advice is that you only purchase the license from an authorised reseller and to ensured that your license is safe, registered it at my.eset.com license manager to ensured that its only yours. As eset license manager only allowed the first email registered with the license to be used with the account. So hope this answer many others who ended up with such problem. You will need to repurchase new license key from authroised reseller. To knew who, you may asked directly to your country distributor.

Im just curios, what OS are used on the client pc? if windows, there might be possibilities (Im not an expert, so im just guessing based on my past experience) that the Proxy settings on the windows are somehow maybe changed, either caused by unknown factor such as, maybe malware or something. You can try look at control panel > Internet Option > Connection > LAN Settings. By default, it should look like the attach pict i provided in this post. If not the same then you should untick the "Proxy Server" as in the picture.

Usually it takes more than a few times entering wrong password before it starting to take pictures, and are you sure you set it up correctly? Some system like huawei miui and honor miui required you to reprovide some permission after the application update. Run some test on your device via your anti-theft webportal. It might help to see if it working correctly

Update: its seems to be my Google chrome only. Maybe cookies or cache problem.

Dear All, is there any announcement for this? or is it just my computer?

Well update for both of you, the link indeed alive, and shockingly, the link automatically update new variant or type of trojan for grancrab 5.0.4 everyday. And i have been collecting sample everyday put it to the test and submit to the vendor that missed it. And the latest 4 Nov 2018 GMT+8 theres new update that eset missed, already submitted it though to samples@eset.com and yeah, im crazy enough to click it everyday, hahah. well obviously in safe environment, on unused pc with vpn enable.

Well maybe ESET researcher just that good ?

I see thanks for the verification. The malware start to be infecting customer from bitdefender producst 1 day earlier, but the sample arrive at our cegah ransomware malaysia fb group around the time i uploaded it to VT. Anyway is the website behavior seems suspicious to you? as before i submitted the sample and forum post to available vendors, it seems to display as per below. But after around 15-30 minutes after its discovery, it change as 2nd screenshot After Change: It remove the link like it was detecting the site. Though i still posses the original download link however. Its from .org domain name

Thanks for the verification

Dear All, WARNING LIVE SAMPLE. IF ADMIN FIND THAT THIS IS RISKING TO THE OTHER FORUMERS, FEEL FREE TO DELETE THIS AFTER READING AND COPYING AND ADD THE DETECTION TO ESET SOLUTION. The below link contain the trojan that dropped Grancrab 5.04 as per below; Source Link: hxxp://europesebeweging.nl/crack-systools-pst-merge-3-3/ Trojan: hxxp://www.mediafire.com/file/tlss8cy1hd1r2mo/Sample-2-Nov.zip/file Password: infected Online Scanner: https://www.virustotal.com/#/file/d4f770cd8d86972948709b43ef4a56f3d7ddf5ddaf15c6133b0c42ec5f3c3d21/detection Analysis: https://www.hybrid-analysis.com/sample/d4f770cd8d86972948709b43ef4a56f3d7ddf5ddaf15c6133b0c42ec5f3c3d21

Hi and Good Day, Im wondering did ESET aware of this recent malware and ransomware pack that are being reviewed in the below post? I see that the download link are being detected malicious by eset, but some files (according to virus total) might been missed. Here is the link: https://researchcenter.paloaltonetworks.com/2018/09/unit42-xbash-combines-botnet-ransomware-coinmining-worm-targets-linux-windows/ The download urls are available on the site at near end of the review.

Hi and Good Day, Can anyone guide me on how to update the client pc that use ESET Endpoint Antivirus the latest version manually? as the client purposely kept the pc off internet for some reason.

Barracuda is quite tough competitors base on my experience, i have been testing all products and it seems they outperform most of the products offered in the market. But that just based on my experience. But for Endpoint, yes eset is best in terms of performance. In terms of future version, you might need somebody from dev staff to comment

Well its not like i didnt read the report nor says the report are not reliable. They did their test and this is the result. And i didnt denied to that eset does misses some malware along the test. But still, 98.2 is more than enough as protection, and in my experience, its pretty rare for client to get infected by malware when using eset. though "rare" here does not refer that eset can block 100% of malware in the world, but it sufficient enough for daily users protection. And even for advance user, using HIPS rules they can even blocked unknown Zero-Day Malware. That said, compared to microsoft, they have a good detection in test, but in the real world, sadly, they often misses more than eset in my experience. I dont think the test are unreliable, they are reliable, but in the real world situation, its might not possible to create a 100% of real world situation. Still, 98% is already more than enough as protection. even 90% and above is already more than enough as protection. Well what is the proof that im claiming that they cant create 100% real world situation? well you can access SE Labs test, VB100 labs test, and you will find that all of them have various different result for the same brand. SO yeah, you might want to chose MSE based on the result, but i assured you, in real world in my experience, ESET performed better.

I dont think you need to delete your facebook account. If you take the below precaution, the chances will be as low as 10% Check your emails that you used to register FB, check your details, check your email settings, ensured that there are no foreign email authorisation in your email, change it password, enable 2fa, enable security measure that easy for you but hard on hacker. Check your FB, check on the settings again check for any foreign element such as email used for your facebook (make sure only your email are present as admin and as the one received any security notification), check on the setting that allowed 3rd party to access you FB without you knowing such as backup email. Enable and check you security settings on FB, enable 2FA and any security measure that easy for you but hard on hacker. Other step is you and your partner to take measures against social engineering hack including phishing link. Phishing link quite tricky this days expecially when the spelling are correct, accept that it sometimes has small symbol under it, suchas this one Ẹset.com, as you can see, under E has some symbol under it, this is called "unicode". Based on my experience, my client most likely will fall with this trick. Im also once almost trick by this. And lastly, i wish you good luck for your fight.

Just additional info, but still it depends on your local distributors, in my place the license can be upgraded or extend to the certain amount of seats, and also, the license renewal, is renewal, which mean with the current license in effect it can be extend to a new date without changing the license.

Theres a few package that match your needs, depends on your local distributors, but if this is offered by your local distributor, the below products might sufficient with your need; https://www.eset.com/int/business/security-packs/ (In some country they offered start from 5 PC+5 Mobile + 1 File Server, on this website they offered start from 10 PC so depends on your local distributors) But if you want, you can also purchase Eset Endpoint Protection Standard or Advance. This package contain unilicense that match all your needs as per above; https://www.eset.com/int/business/security-solutions/ Usually we recomended to use ESET Endpoint Security if you mention you need the firewall, thus it exist in the Advance package. Question : Windows file server need AV? Ans: Usually yes, as on file server its much easier to create a HIPS rule that block most of unneeded windows function that might lead to manipulation by ransomware etc. Where if such rules applied to endpoint, endpoint have their own need to access most of the windows functionality. Which why multi-layer protection is necessary. But again, this is i what i would recomended for the customer back on my country. So for more info you might want to refer to your local distributors as they might have better offer based on your locality and needs.

Hi, that said, in a simple explanation, ESET only protect if the exploit or attack occured to be invading your PC. So in your case, its FB case on their own server. Based on my experience this usually happened either because of bruteforce attack , Bruteforce attack did not came from your pc, it always happened around the internet. Theres even a BOT that do daily scan and do thousand and milions of bruteforce attack on any fb login page or any website that have login page, and this bot usually hosted at different server from your pc. So in this case even if you use any other security products, or any other fully encrypted hardware, there is no assurance for you FB page will not hackable. The another possibilities is that you or your college is the one that have been hacked, but not their PC, but they falls to social engineering hacking. Social Engineering hacking is involving manipulation of human brain that causes the victims to being tricked into believing or trusting the hackers somehow. If i were you, firstly i will check my password and my college password and change it to much better stronger password. Even if it already strong to you theres a possibilities it has falls to the hacker hand. Then all the best is to open and request support from FB support page to regain back your control over the page. And let me tell you, times factor is important here, so the faster you requested the support from FB, the higher the possibilities for you to gain back your page. I have manage almost hundred of servers, and believe me, daily i can get almost a thousand scanning from bot daily from different ip. So the best way to protect is use the strong unknown password to the world, in a word that only you can understand and not existed in any dictionary and mixed it with number and symbols that only you know the meaning behind the number. Anyway i hope you understand, any security products can protect your PC and your surfing experience on internet only. But ESET adn other security software did not protect the website themselves from hacker. They just protected you.

The United States Department of Energy (DOE) on Monday announced that it’s prepared to award up to $25 million for the research and development of technologies designed to protect the country’s energy infrastructure against cyber threats. The funding opportunity announcement (FOA) comes from the Office of Electricity Delivery and Energy Reliability’s Cybersecurity for Energy Delivery Systems (CEDS) program and it seeks applications for researching, developing and demonstrating novel approaches to improving cyber resilient energy delivery systems. Specifically, the offer is for projects focusing on designing a cyber-resilient architecture for the electric and oil and natural gas (ONG) subsectors, security for the ONG environment, secure communications, secure cloud-based technologies in operational technology (OT) networks, and enhancing security in the energy sector. Applicants must not only conduct research and develop the products, but also demonstrate them in an actual facility. Proposals, which need to be submitted until June 18, must also include a strategy for transitioning from existing systems either by commercializing the new solution or by making it open source. “This FOA builds on DOE’s efforts with the private sector toward improving the security of the Nation's critical energy infrastructure, and reducing the risk of a cyber incident that could disrupt energy delivery,” the DOE said. “It will expand the development and adoption of energy technologies that will help ensure a more secure, resilient, and reliable electricity system.” Learn More at SecurityWeek’s ICS Cyber Security ConferenceAs of last year, the DOE said it had invested more than $270 million since 2010 in cybersecurity research, development and demonstration projects led by members of the industry, universities and the agency’s own National Laboratories. In September 2017, the Energy Department announced its intention to invest $50 million in the research and development of tools and technologies that would make the country’s energy infrastructure more resilient and secure, including more than $20 million in cybersecurity. Earlier this year, the DOE announced the creation of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) to help the organization efficiently coordinate preparedness and response to both manmade and natural threats. Energy facilities in the United States and the Energy Department itself have often been targeted by malicious hackers in the past years, although the attacks have not been as damaging as the ones that hit Iran, Saudi Arabiaand Ukraine Source: https://www.securityweek.com/us-energy-department-offers-25-million-cybersecurity-tech Found on https://malwaretips.com/threads/u-s-energy-department-offers-25-million-for-cybersecurity-tech.81977/