peteyt

ESET Insiders
  1. Threatsense parameters

    I'm confused because when a file gets quarantined for me I don't see an extra copy in the same folder like the user mentioned
  2. Is Not Over!! WannaCry??

    I'd say the lack of patching certainly helped the spread of WannaCry. A lot of NHS computers for example still apparently use XP. But I believe there was a patch for the exploit WannaCry used, EternalBlue, available at the time. I also heard someone in a hospital had opened an attachment in an email that basically said you have been infected by ransomware, open the attachment to find out how to pay and recover your files. This however was a lie, the infection did not start until the attachment was opened. Not sure how true the above statement is but the reality is people put too much trust in their AV to catch everything and often end up taking risks they probably wouldn't otherwise. Companies need to regularly teach all members of staff and not just IT on the best security practices and how to look out for things such as phishing emails and other forms of social engineering. This should be a regular thing, with all members of staff kept up to date with the latest issues, threats etc. One way some companies are teaching staff is with tests e.g. simulations with phishing emails. Lastly backup is important. Also in a sense a backup plan. An incident plan. The chances are companies will one day be breached so companies need to plan a response plan and be able to act on it quickly.
  3. The problem I have is that even if it is automated it could at some point be abused and used for the thing it is trying to prevent
  4. I've heard some strange ideas in the past but this one certainly caught my attention. Facebook is apparently planning to test a new idea in Australia in an attempt to help prevent revenge porn. The idea is simple - the victim or even a possible future victim sends their nude photos, and Facebook then turns those photos into a hash. The idea is that if someone tries to upload that picture on Facebook, e.g. an ex, the picture will be matched with the hash and so in turn blocked. Apparently the images will be kept for a while, although blurred. This technology isn't new, and is actually used to help stop the spreading of images of sexually abused children. When you look at it in detail, past the ridiculous-sounding headline, it actually could sound clever to some. However I think this is a massive mistake. One of the most important things I have learned from security is that nothing is ever 100 percent safe. I trust and always recommend ESET for example, but software is just that, software. It is prone to bugs and mistakes, which become even riskier when the human element is added. What would happen if a flaw was discovered allowing the images to be intercepted during transmission? While what I have read from different articles seems to suggest it would be automated, could say a Facebook employer gain access to these images? For me the issue is people put too much trust into technologies. For example I've had many Mac users tell me how dangerous Windows is, and when they used it how many viruses they had. I can't remember when the last time I was infected was. I'm no expert, but I know not to open suspicious emails, click links, open attachments etc. I stick to safe sites, regularly back my stuff up and so on. Relying on these technologies rather than teaching yourself how to be safe just leads to a false sense of security. What do people think of Facebook's new idea? https://www.theguardian.com/technology/2017/nov/07/facebook-revenge-porn-nude-photos
  5. As I mentioned is this on version 11? Have you got pre release updates enabled?
  6. It's designed to revert settings that may have been changed possibly by malware. I have suggested a few times that there is not enough information and no logging of this feature to see what has been changed.
  7. Yeah it does not tell you the actual changes just that changes have been made
  8. Please note this is an English forum so please post messages in English or people may not be able to read your post. As for your issue, is this on version 11? You could try turning pre release updates on. Hit F5, go to profiles then basic and choose pre release updates via the update type drop down menu
  9. You should email the developer as they are the best people to speak to about fixing the issue
  10. Threatsense parameters

    I think delete might move it to the quarantine rather than just delete it. A bit like the recycle bin. Not 100 percent sure though.
  11. Is this file malicious or not

    It's important to note ESET doesn't want to cause issues by giving users choices by default. If ESET set it to alert users to anything remotely suspicious by default it would require users to decide if it was safe or not. Without a definition there's a bit of guesswork as suspicious looking stuff could be false positives. A lot of users wouldn't know what to do and so could end up blocking something safe. I've heard that ESET might be adding an application control feature at some point in the future. Not really sure what this will add.
  12. Just wondering if you have any Chinese software, language packs etc. Can you open the files in anything like Notepad?
  13. Is there any information if you go to the file's properties?
  14. As mentioned try downloading Malwarebytes. You could always email the files to ESET for analysis https://support.eset.com/kb141/?locale=en_US
  15. Not sure if this is happening over in the US or anywhere else but here in the UK there is a scam going on right now involving supermarkets and gift cards. This appears to be targeting Facebook and WhatsApp right now but may target others. It tells people to click a link to get a free gift card. The link may appear genuine. However specific letters in the link have been replaced with special characters. For example the scam uses the special character "đ" rather than a normal D, sometimes also using a "ḍ" - which appears normal but has a dot underneath. The links lead to surveys which often ask for financial information but they could be used for other purposes e.g. for spreading malware. These types of scams work well as the messages come from people who you know. They may think it's a genuine link when sending it or they may not have sent it themselves e.g. they have been hacked. It's best to avoid these types of link. If I'm ever unsure about an email and the link appears genuine, I will delete the email and go to the site myself, typing it in, so that I know I'm going to the correct site. Also it's good to remember the simple phrase - "if it seems too good to be true, it probably is." hxxp://www.bbc.co.uk/news/uk-41900814#