works2020 ✭

I got a response directly from Gravity Zone and they said there isn't an option to automatically provide fixes at once. One report was this is by design and they are working to find a fix. The second was, that all fixes should be looked at separately. I don't agree with the latter since there are many issues that are the…

Hi Alex, further review determined there was an issue with DNS and Active Directory. Can't say for sure what it was because others that witnessed this behavior weren't exactly sure how/why it started. Similarly though they did have security issues prior and determined that DNS/AD cache may need to be flushed out and reset.…

Appreciate it, do you know if a full business support section plans to be added anytime soon.

CVE-2014-6271 allows a remote attacker to fully access your computer. Appears your security camera system is still compromised. There's a chance it's a false positive but need more information. Your girlfriend's computer may have file-less malware which is harder to detect. Is her computer still on the network? What…

Thanks Alexandru_BD, I sent the information off to them and waiting for an answer.

GravityZone

I got in touch with support and they asked me to send logs from their BDSYS application. After doing so haven't heard back from anyone. Wait times on the phone are well over an hour. Any ideas?

Thanks for the info, I have a case opened. What are your thoughts on this article, https://www.socinvestigation.com/account-manipulation-and-access-token-theft-attacks/ I'm seeing this error pop up on other clients and I don't have any reason to believe they're under attack. Not confident it's not a false positive either.

Bogus answer, why would I do what you're implying. I'm using one of my client accounts. I finally got a call back from the emails I sent and they resolved the problem by getting me in touch with the account manager I use with Atera.

Sorry for the multiple responses, I'm getting used to this forum and didn't realize the posts needed to be cleared prior to showing up. Agree 100% on your password analysis. We configured 2FA about three months ago and I thought this would take care of password concerns. Now that this happened it's obviously not the case.…

Hi Mike, thanks for the info. We performed the remediation procedures from CVE 2021-26855, CVE 2021-26857, CVE 2021-26858, and CVE 2021-27065. Everything came back clean. We ran the Microsoft Mitigation Tool, came back clean. Ran the Microsoft Safety Scanner, came back clean. Followed the HAFNIUM targeting Exchange Servers…

What are the dates the folder was created? Was there any other software installed at this time

What are the dates the folder was created? Was there any other software installed at this time

What are the dates the folder was created? Was there any other software installed at this time or work done that may shed light on how the file was downloaded?

Hi Mike, thanks for the info. Our remediation checklist included following CVE 2021-26855, CVE 2021-26857, CVE 2021-26858, and CVE 2021-27065 and we didn’t find anything. We also followed the recommendations after the “HAFNIUM Targeting Exchange Servers” report out by Microsoft, this too came back clean. Running…

What are the dates the folder was created? Was there any other software installed at this time

Hi Mike, thanks for the info. We performed the remediation procedures from CVE 2021-26855, CVE 2021-26857, CVE 2021-26858, and CVE 2021-27065. Everything came back clean. We ran the Microsoft Mitigation Tool, came back clean. Ran the Microsoft Safety Scanner, came back clean. Followed the HAFNIUM targeting Exchange Servers…

I recently posted in another thread about a virus that was found on my client's workstation. I don't believe it had to do with what followed however I'm still investigating. Someone sent an email from his email address to names in his contac Could I contact bitsy@bitdefender.com regarding the following threat detected?…