Jump to content

Aryeh Goretsky

ESET Moderators
  • Posts

    804
  • Joined

  • Last visited

  • Days Won

    50

Kudos

  1. Upvote
    Aryeh Goretsky gave kudos to Marcos in emails from ESET   
    It's a genuine email that you would receive for instance if your license was registered to a seller's email address and another user with the ESET license registered to the same email address was attempting to add it to the license manager. Please provide the public ID of your license so that I can check it out.
  2. Upvote
    Aryeh Goretsky received kudos from santoso in Are Old Version of Orbit Downloader Free from DDoS Weapon ?   
    Hello,

    I am the author of the Orbital Decay: the dark side of a popular file downloading tool article on ESET's WeLiveSecurity blog.

    Given the nature of the what was reported, I would caution against using any version of the software.

    Regards,

    Aryeh Goretsky
  3. Upvote
    Aryeh Goretsky gave kudos to Marcos in ESET Blocking Safe Site   
    The detection is actually correct. It was already reported here in the past and obviously an administrator of the website still hasn't removed the references to defpush.com which is why the detection is triggered.
  4. Upvote
    Aryeh Goretsky gave kudos to Marcos in Installer halts on windows7   
    When installing ESET on Windows 7, SP1 must be installed as well as Windows Updates KB4474419 and KB4490628 that add SHA256 code signing support.
    As for LiveGrid, please provide a screen shot of the pop-up prompting you to enable LiveGrid since we do not display anything like that if you choose not to use the LiveGrid Feedback system during installation. LiveGrid actually consists of 2 parts: LiveGrid Reputation system (should be always enabled) and LiveGrid Feedback system for submitting already detected and highly suspicious files (optional).
    The LiveGrid Reputation system is passive. It is essential for keeping protection up to date against emerging threats. This system doesn't submit anything and only queries LiveGrid to get essential information about hashes of files and to receive a list of malicious objects that is generated continually as ESET processes new malware throughout the day. Disabling LiveGrid Reputation system has also also adverse effect on performance, detection (the gap between updates is not eliminated) and cleaning. When disabled, ESET will not be able to skip whitelisted and trusted files that you have on the disk and will continue to scan them. When it comes to detection, ESET may not be able to recognize new malware because of missing LiveGrid blacklists. When cleaning, ESET may not be able to kill and clean malware because of missing LiveGrid information about files.
    The ESET Feedback system is active and it's purpose is to submit already detected and highly suspicious files to ESET. The more people use it, the more new malware the product can detect and clean and the smaller probability of encountering a false positive.
  5. Upvote
    Aryeh Goretsky gave kudos to Marcos in Yara Rules   
    It's possible to use Yara rules within ESET Threat Intelligence but that's a separate paid service that provides advanced users with insight into our intel and it's not related to user's network in any way, it's global.

  6. Upvote
    Aryeh Goretsky gave kudos to Marcos in Endpoint Security Anti phishing non functional   
    Tonight (CET) we are going to publish links to fixes for Endpoint v5. A bit later we plan to release also a fix that will be smaller in size and will download the appropriate installed of the latest v5 Endpoint instead of having it bundled.
  7. Upvote
    Aryeh Goretsky gave kudos to Marcos in How do i recovery 'Eset EndPoing Security 5.0' back with out any automatic update to 'Eset Smart Security' ???   
    Please refer to https://forum.eset.com/announcement/5-endpoint-50-65-and-eset-server-products-65-non-functional-as-of-feb-8-antivirus-and-antiphising-is-non-functional-reported/ and the KB article https://support.eset.com/en/alert7396-legacy-products-startup-issue.
    This was caused by a bug in old versions of our products, namely Endpoint 5.0.2248+ (except the very latest version 5.0.2271) and versions 6.5.
    There is already a fix for Endpoint v5, please refer to https://support.eset.com/en/alert7396-legacy-products-startup-issue and the section How to download the fixing tool for v5.
    Please elaborate more on "The 'Personal Firewall' is work only in 'Eset Smart Security V5'.  V6 and V7 not working properly." The firewall works properly both in v6 and v7. What works differently for you in v5?
    Endpoint v5 is going to reach end of life by the end of this year which means that even engine updates will not be guaranteed afterwards. We strongly recommend to upgrade to Endpoint 7.2 to those who can upgrade as soon as possible. Also please keep in mind that Endpoint v5 is not effective enough to protect you from current emerging threats while v7.2 provides a bunch of new protection features to keep you safe. Last but not least, neither Endpoint 6.6 nor 7.0, 7.1 and 7.2 were affected by this issue.
  8. Upvote
    Aryeh Goretsky gave kudos to Marcos in MSOffice mrodevicemgr.officeapps.live.com blocked for phishing   
    Thank you. The address is categorized as malicious by Web Control. We have reported miscategorization to the provider of the url categorization database. In the mean time, creating a Web Control permissive rule and moving it on top of other Web Control rules should do the trick:

  9. Upvote
    Aryeh Goretsky gave kudos to Marcos in MSOffice mrodevicemgr.officeapps.live.com blocked for phishing   
    Please provide ELC logs from such machine. Neither the hostname nor IP address appears to be blocked.
  10. Upvote
    Aryeh Goretsky gave kudos to Marcos in Win32/uTorrent.C   
    uTorrent PUA detection is not new, the first variant was added in July 2018. Is there any problem the PUA from detection and possibly also add utorrent.exe to performance exclusions?
    Potentially unwanted applications are not malware. The detection is optional and particular PUAs can be excluded from detection if the user thinks that benefits of using the PUA outweigh possible risks.
  11. Upvote
    Aryeh Goretsky gave kudos to Marcos in G Suite Sync for Microsoft Outlook® has found conflicting add-ins installed: ESET Outlook Add-in   
    A new revamped Outlook plug-in that should resolve sync conflicts or issues with 3rd party plug-ins is currently planned for Endpoint 7.3. Currently there's no ETA, however but I personally expect it later this year.
  12. Upvote
    Aryeh Goretsky gave kudos to Marcos in Huge (15 Gb) pcapng files   
    Between Jan 23 and 28, you had various diagnostic logging enabled. You should disable it in the advanced setup -> tools -> diagnostics. Alternatively you might have enabled it via Help and support -> Details for customer care. Advanced logging should be enabled only for the time necessary to reproduce a particular issue and must be disabled then. When activated, a yellow notification pops up in certain intervals notifying you about that.
    Feel free to delete the files in the Diagnostics folder.
  13. Upvote
    Aryeh Goretsky gave kudos to Nightowl in Chrome 79 always starts a core dump and crashes   
    The current up-to-date version for desktop edition is the v4
    Endpoint edition v7 is running as BETA currently , once it goes stable I believe they will start looking at building the v7 for desktop.
    The fix that Marcos talked about would be probably a small fix (hotfix) that will solve the issue with browsers and that's it , not a major upgrade.
  14. Upvote
    Aryeh Goretsky gave kudos to Marcos in Chrome 79 always starts a core dump and crashes   
    There will be a fix for the issue in both Endpoint and ESET NOD32 for Linux desktop according to the latest news.
  15. Upvote
    Aryeh Goretsky received kudos from Nightowl in Best wishes for the holidays for 2019 and beyond!   
    Hello,

    As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well.


    This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers.  We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond.

    On a personal note, 2019 marks my thirtieth year in the field.  In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college.  Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS).  In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems.  We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one).   Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques.  The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today.  The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats.  To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come.

    Wishing you all the best,

    Aryeh Goretsky
  16. Upvote
    Aryeh Goretsky received kudos from Nevi in Gryphon Router   
    Hello,

    Hmm… this is kind of a long answer.  ESET is always looking at all sorts of new (and not-so-new) technologies and how we can better protect people, and the Internet of Things is one of those areas where there are a lot of challenges and a lot of interest.  We have done everything from finding vulnerable devices and reporting them to their vendors (under responsible disclosure guidelines, BTW), as well as looked at the space from the perspective of a higher level overview.  So, from that perspective, ESET does have interest in the space.

    But, that said, it is important to understand that there are a lot of non-obvious background activities that go into shipping actual hardware.  My last employer (before I joined ESET in 2005) was a telephony hardware manufacturer that made embedded systems like VoIP handsets, PoE switches, PBXes and the like.  While that may sound dissimilar to an "IoT device" at first glance, they are really largely the same:  General purpose (commodity) hardware and operating systems software that has been highly-optimized and engineered to perform a few set-purpose activities.  In the case of those devices, that involved things like taking and placing calls, handling voicemail, toggling MWI (message waiting indicator) LEDs and connecting to a variety of standards-based (SIP) and proprietary (Cisco) devices. 

    To get to all of that, though, the company had to go through all sorts of prototyping to design and then test the hardware, source component suppliers, find printed circuit board manufacturers, assembly partners, etc.  Doing all of that requires having lots of electronics engineering talent, with specialization not just in embedded but telecommunications and networking as well.  You have to design the plastics (or contract that out to a design firm), as well as do things like get certification from various regulatory agencies and safety organizations (FCC, UL, TUV and so forth).  You even have to design crush-proof packaging and foam inserts which is a highly-specialized field. 

    Getting device through certification is not always easy (when I left my last employer, they were going through a multi-month long process to get a Bluetooth radio module inside a handset certified for EU use) or cheap.

    And, once you've finally got a working, certifiable product, it gets even more complicated.  If you have a physical product like hardware, you have to have physical space for engineers to sit in, warehouse space for inventory, a shipping department, a QA/testing department, an RMA department for analyzing why units failed in the field and repairing them and so forth.  Also, expect to re-spin (revise) your product's hardware several times over its life-cycle to fix bugs in it.  Those will occur, no matter how much you design or test for them.  At my last employer, they had one product with a circuit board on revision H (8th revision) because revisions A though G had flaws in them.  Even something as simple as the Raspberry Pi 4 has design flaws that need to be fixed with a board redesign.
    All together, that is a lot of work, and while ESET has engaged in some activities-at-scale before which required some specialized engineering, making an IoT security device is in a different kind of direction than the has historically been in.

    That's not to say that you will never see an ESET IoT security device, but just not to expect anything in the near term, because there's a lot of work to do to get into the hardware space.  It may instead be more effective to partner with companies to provide that kind of functionality.  But, that's a discussion far beyond my area of expertise.

    Regards,

    Aryeh Goretsky
     
     
     
  17. Upvote
    Aryeh Goretsky received kudos from TomasP in Best wishes for the holidays for 2019 and beyond!   
    Hello,

    As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well.


    This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers.  We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond.

    On a personal note, 2019 marks my thirtieth year in the field.  In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college.  Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS).  In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems.  We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one).   Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques.  The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today.  The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats.  To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come.

    Wishing you all the best,

    Aryeh Goretsky
  18. Upvote
    Aryeh Goretsky gave kudos to peteyt in Again & again coming message window   
    When it comes to potentially unwanted programs you can completely disable this option in the detection engine area. PUA programs are programs that aren't technically viruses but they have bad business practices e.g. hard to remove, try to instal extras e.g. toolbars, might contain adware and try and send information back etc. The idea with a PUA is when the option is enabled it is up to the user to decide if the pros of using it outweigh the risks. 
    If you want to keep PUA alerts on and it comes up with the pop up as you first showed by clicking the advanced arrow it will give you an option to exclude. 
    Finally I'd like to warn you that using cracked software always comes with risks because they are coming from non official places and could contain extras.
  19. Upvote
    Aryeh Goretsky gave kudos to itman in Again & again coming message window   
    It is unclear what you want to do.
    Refer to this Eset knowledgebase article for options available when the potentially unwanted application alert appears: https://support.eset.com/en/what-is-a-potentially-unwanted-application-or-potentially-unwanted-content
  20. Upvote
    Aryeh Goretsky received kudos from Custerinky in Best wishes for the holidays for 2019 and beyond!   
    Hello,

    As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well.


    This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers.  We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond.

    On a personal note, 2019 marks my thirtieth year in the field.  In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college.  Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS).  In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems.  We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one).   Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques.  The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today.  The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats.  To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come.

    Wishing you all the best,

    Aryeh Goretsky
  21. Upvote
    Aryeh Goretsky received kudos from ProTruckDriver in Best wishes for the holidays for 2019 and beyond!   
    Hello,

    As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well.


    This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers.  We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond.

    On a personal note, 2019 marks my thirtieth year in the field.  In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college.  Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS).  In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems.  We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one).   Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques.  The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today.  The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats.  To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come.

    Wishing you all the best,

    Aryeh Goretsky
  22. Upvote
    Aryeh Goretsky received kudos from peteyt in Best wishes for the holidays for 2019 and beyond!   
    Hello,

    As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well.


    This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers.  We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond.

    On a personal note, 2019 marks my thirtieth year in the field.  In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college.  Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS).  In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems.  We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one).   Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques.  The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today.  The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats.  To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come.

    Wishing you all the best,

    Aryeh Goretsky
  23. Upvote
    Aryeh Goretsky received kudos from peteyt in Gryphon Router   
    Hello,

    Hmm… this is kind of a long answer.  ESET is always looking at all sorts of new (and not-so-new) technologies and how we can better protect people, and the Internet of Things is one of those areas where there are a lot of challenges and a lot of interest.  We have done everything from finding vulnerable devices and reporting them to their vendors (under responsible disclosure guidelines, BTW), as well as looked at the space from the perspective of a higher level overview.  So, from that perspective, ESET does have interest in the space.

    But, that said, it is important to understand that there are a lot of non-obvious background activities that go into shipping actual hardware.  My last employer (before I joined ESET in 2005) was a telephony hardware manufacturer that made embedded systems like VoIP handsets, PoE switches, PBXes and the like.  While that may sound dissimilar to an "IoT device" at first glance, they are really largely the same:  General purpose (commodity) hardware and operating systems software that has been highly-optimized and engineered to perform a few set-purpose activities.  In the case of those devices, that involved things like taking and placing calls, handling voicemail, toggling MWI (message waiting indicator) LEDs and connecting to a variety of standards-based (SIP) and proprietary (Cisco) devices. 

    To get to all of that, though, the company had to go through all sorts of prototyping to design and then test the hardware, source component suppliers, find printed circuit board manufacturers, assembly partners, etc.  Doing all of that requires having lots of electronics engineering talent, with specialization not just in embedded but telecommunications and networking as well.  You have to design the plastics (or contract that out to a design firm), as well as do things like get certification from various regulatory agencies and safety organizations (FCC, UL, TUV and so forth).  You even have to design crush-proof packaging and foam inserts which is a highly-specialized field. 

    Getting device through certification is not always easy (when I left my last employer, they were going through a multi-month long process to get a Bluetooth radio module inside a handset certified for EU use) or cheap.

    And, once you've finally got a working, certifiable product, it gets even more complicated.  If you have a physical product like hardware, you have to have physical space for engineers to sit in, warehouse space for inventory, a shipping department, a QA/testing department, an RMA department for analyzing why units failed in the field and repairing them and so forth.  Also, expect to re-spin (revise) your product's hardware several times over its life-cycle to fix bugs in it.  Those will occur, no matter how much you design or test for them.  At my last employer, they had one product with a circuit board on revision H (8th revision) because revisions A though G had flaws in them.  Even something as simple as the Raspberry Pi 4 has design flaws that need to be fixed with a board redesign.
    All together, that is a lot of work, and while ESET has engaged in some activities-at-scale before which required some specialized engineering, making an IoT security device is in a different kind of direction than the has historically been in.

    That's not to say that you will never see an ESET IoT security device, but just not to expect anything in the near term, because there's a lot of work to do to get into the hardware space.  It may instead be more effective to partner with companies to provide that kind of functionality.  But, that's a discussion far beyond my area of expertise.

    Regards,

    Aryeh Goretsky
     
     
     
  24. Upvote
    Aryeh Goretsky received kudos from Nightowl in Friends visit and want my wifi   
    Hello,

    ESET is not in the wireless networking business, but using a guest wireless network without access to  your own internal network of machines is a good start.  Keeping the router up-to-date with the latest firmware from the manufacturer is important, too.  If they are no longer providing updates, you can look to see if firmware from a third-party is available, such as DD-WRT, or replace the router with a new, supported device.  If you are using ESET Internet Security or ESET Smart Security Premium, you can use the Connected Home Monitor feature to see what is attached to your internal network.

    For scanning other people's computers, you may want to consider using a USB flash drive with ESET SysRescue Live installed to it.

    Regards,

    Aryeh Goretsky
  25. Upvote
    Aryeh Goretsky gave kudos to Marcos in Application Control or Whitelisting Features in the Future?   
    As far as I know, we don't plan to have Application control any time soon (meaning in the next few moths). Currently it's only possible to create HIPS rules to block execution of specific executables based on the path.
×
×
  • Create New...