katycomputersystems 1 Posted February 23, 2019 Share Posted February 23, 2019 What is the procedure to get a site blocked in endpoint security? If you search for "t-mobile president's office", the first result is: https://www.elliott.org/company-contacts/t-mobile/ The site should be blocked ASAP Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted February 23, 2019 Administrators Share Posted February 23, 2019 You can add it to the list of blocked addresses in the URL management if you want to block it for your users for whatever reason. Link to comment Share on other sites More sharing options...
katycomputersystems 1 Posted February 23, 2019 Author Share Posted February 23, 2019 Is there a way to get this information back to eset so other organizations can benefit from our find? Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 23, 2019 Share Posted February 23, 2019 (edited) I really don't understand the concern here: Quote Elliott Advocacy is a nonprofit organization that offers free advice and advocacy for consumers. Are you stating that the phone numbers that are posted on the site are bogus off-shore high connection cost ones or something along this line? The only scan engine on URLVoid that detects something malicious for the IP address, 104.28.29.27, associated with elliott.org is scumware.org. It's detection dates back to 2016 when it was a http web site: 2016-10-21 19:24:26 http://elliott.org/blog/the-issue-has-been-resolve d/ FDEF2FD0C203BC524DFB575D6EBA28E9 104.28.29.27 US JS/TrojanDownloader.FakejQuery.D trojan Edited February 23, 2019 by itman Link to comment Share on other sites More sharing options...
katycomputersystems 1 Posted February 23, 2019 Author Share Posted February 23, 2019 Something was up with their site this morning. Looking at it now, all is well. Had I known it was a legitimate site, I would have snapped a screenshot or two so their admins would have been in a better position to troubleshoot the issue. I remain interested in knowing how we can report these issues to eset so they can consider adjusting things at e5.sk, in this case where Elliot got their house in order, it seems prudent to put them on a watch list. Link to comment Share on other sites More sharing options...
itman 1,748 Posted February 23, 2019 Share Posted February 23, 2019 34 minutes ago, katycomputersystems said: I remain interested in knowing how we can report these issues to eset so they can consider adjusting things at e5.sk, in this case where Elliot got their house in order, it seems prudent to put them on a watch list. Unfortunately, I would estimate that there are thousands of web sites that fall into this category; temporarily hacked. Many have site intrusion mechanisms in place that can alert to site modification activities. Corrective action is usually taken promptly; a few hours at most. Assume many site support personnel are not available 7/24. So weekend corrections might take a bit longer. Link to comment Share on other sites More sharing options...
Recommended Posts