AnthonyQ

Thanks for sharing. So there's a misunderstanding. ECSP itself is not being discontinued, but ECSP V6 will be reaching its end of life, and this year, ECSP will be upgraded to V8. This makes sense because there are still some advanced security features missing in ECS that necessitate a higher-tier product like ECSP to include these features.

So there's only one version for macOS, ECS, in the future? This is certainly bad news for ESSP users on Mac. Yeah, ESET does not support HTTPS scanning on macOS. Also, the absence of pico updates and machine learning-based detection makes ECS less effective in terms of detection capabilities compared to the ESET PC version.

It's been quite a while since the last update of ESET Cyber Security Pro, and it still isn't natively compatible with Apple Silicon. As an ESSP user wanting an Apple Silicon-native AV product for Mac, I have to use ESET Cyber Security V7, which is a lower-tier product. So, I want to know when the next generation of ESET Cyber Security Pro will be released, hopefully including advanced security features like a firewall, machine learning detection, and LiveGuard.

All five samples in my post have now been detected: four were blocked in the cloud, and one was detected as GenKryptic... How about your sample?

Good catch. However, ESET's responsiveness to email submissions varies; sometimes they analyze promptly, while other times they do not.

The following undetected malware samples were submitted a few days ago. The tracking IDs for these submissions are TRACK#66631C610176, TRACK#6661C4170262 and TRACK#665F09F901D7. https://www.virustotal.com/gui/file/d17748267d0b867a6a7f137d2851fd0bdce52af1179c483f41e08ca90e4c665e https://www.virustotal.com/gui/file/f85e22d66bd781c86c0ca3331341109856f03c4dec3c9e54fa84f11be3f88900 https://www.virustotal.com/gui/file/4a1007abbcdba51dbf407fc6053424ab9dcd8eb9eebdfd165b136f77fcb9bccb https://www.virustotal.com/gui/file/8a4f2f539393853c25d7ebf09e90fe0ac242849d5dc1b5600eb08d35c47601f1 https://www.virustotal.com/gui/file/3feacf7e618e12e650f1d9caf9bd73f2f05090bb3535f63774367468b493d04f Please add proper detections ASAP, thanks.

According to Marcos, it seems that ESET is going to update its behavior detection this year...

In ECS V7.0, when a threat sample has multiple detections, the detailed detection names cannot be displayed and the Detection field in the log will be empty.

https://www.pcrisk.com/removal-guides/28444-jawr-ransomware The answer is in the link you provided. No need to post it here.

In my opinion, as macOS already has its built-in firewall, to differentiate from it, I suggest ECS's firewall integrated with LiveGrid reputation information and allowing for specifying policies based on this information. When it comes to AV for macOS, the focus should be on detection. I am excited to see ML and LiveGuard being implemented in ESET for Mac. By the way, can ML (Augur) and LiveGuard process macOS samples such as .app and .pkg files?

V17 is now available thru pre-release channel.

Another feature I would like to ask for is ESET LiveGuard, exclusively for ESSP or Mac equivalent. Is it on the development roadmap?

When I need to perform a thorough scan of a file, the most convenient method is to scan it using the options available in the context menu. However, currently, I have to manually drag and drop the file onto the main GUI in order to initiate a scan. Additionally, it seems that the real-time scanner is unable to perform a deep scan. Is your team planning to implement Pico update and/or advanced machine learning in ESET Cyber Security? This can further help achieve feature parity between the Windows version and Mac version of ESET.

Seems to have been fixed, will continue to monitor. Btw, has the context menu scanning feature been permanently removed in ESET Cyber Security V7? I think it is a useful and necessary feature...

Files with Green Reputation is considered as Clean, which can be regarded as whitelisted. It's wrong. No. of user is merely one factor, or even not a factor when calculating the reputation score. The primary factor, as stated on ESET website, is heur rules in the cloud.

User numbers may influence reputation, but the primary factor is heuristic malware scanning conducted by LiveGrid. As Peter noted, items with Green bar in the Reputation field are whitelisted. I've previously submitted false positives to ESET, which now show a green reputation. Reputation—In most cases, ESET Internet Security and ESET LiveGrid® technology assign risk levels to objects (files, processes, registry keys, etc.) by using a series of heuristic rules that examine the characteristics of each object and then weigh their potential for malicious activity. Based on these heuristics, objects are assigned a risk level from 1 – Fine (green) to 9 – Risky (red). (https://help.eset.com/eis/16.2/en-US/idh_page_cloud.html)

It is not true. There are two columns on the LiveGrid reputation page - one column is for "Reputation," and the other is for "Number of Users." I believe you are referring to the second column. (https://help.eset.com/eis/16.2/en-US/idh_page_cloud.html)

Look at the first pic the OP shared. Before the detection was created, this malware sample had been whitelisted (indicated by the green color) in the LiveGrid.

From my own experience, ESET is less stable on Mac compared to PC...

Sadly, I can confirm that this issue was not fixed in recently released ESET Cyber Security Ver 7.4.1200.

Tbh, I haven't seen and tested this feature in action because Intel TDT was rarely triggered by the ransomware samples I tested. @adulwahab , would you be so kind as to share the hash of the sample that was detected by Intel TDT?

IMO, as a professional and well-known testing organization, AV-Comparative won’t take PUA as Malware.

Update: I later found that this issue can be temporarily solved by terminating com.eset.network process. However, after a few hours, the update problem will resurface again, which can also be solved by the above method.

I noticed an update issue with the ESET Cyber Security version 7.3.3700.0 on my Mac. After putting the MacBook to sleep (by closing the lid) for a while, I've noticed that the software fails to update. This is intriguing because when I ping update.eset.com, I get a response, which means there's no issue with my internet connection. I've tried updating it multiple times without success. However, a simple restart of my MacBook allows ESET to update as usual. This seems to be a recurring problem and I hope ESET team can take a look into this.

VHO might stand for Vishash Offline, which is a unique detection technique employed by Kaspersky. I believe there’s an official channel for ESET and Kaspersky to exchange IOCs, but sharing detection technology might be impossible.