Jump to content

WreckedByEmotet

Members
  • Content Count

    7
  • Joined

  • Last visited

About WreckedByEmotet

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I would visit https://oneview.malwarebyttes.com I would log in, and in the bottom left I would see the green div on the bottom-right of the page saying "logon successful" and then I would just see the spinning OV logo in the middle of the page indefinitely. Another thing I noticed, is that if I use https://cloud.malwarebytes.com/auth/login and enter my email, it does not reliably redirect me to the oneview login. I was using oneview a lot today, and have had zero problems so far.
  2. Hi. Thanks for responding. It did that morning just after your responce yesterday around 8:20 pst. I f5'd again and up it came. It ran great all day, then it suddenly didn't work after 5pm. Today, didn't work until 9am. then worked fine. Then down at 430, then up again at 6 and has been since. Using it now, works great. 😕
  3. Hi all, I've recently had the pleasure of experiencing the ryuk ransomware. Our work on the post-mortem of the event has me suddenly scratching my head at the data I'm seeing. Things seem to have gone a little wrong for the attacker. Some of the things that are supposed to happen based on write-ups just didn't go down that way if at all. Long story short: I have a bad feeling that our little company wasn't the originally intended target, and that the ryuk encryption we got hit with is....older. Does anyone know of any group of folks that are collecting samples? I am seriously thinking that we were hit with a sample an adversary had access to. Perhaps something being passed around in security research circles, and If I'm close to the mark, I also suddenly have short list of suspects and motives that would be worth investigating. If someone is collecting samples, I would like to share ours to see if anyone already has a match. Who knows, if I'm right, then maybe these is even a decryptor to go with it, being that the pair might have been passed around in security circles or similar. Anyone able to point me in a direction, so I could explore this crazy idea further? Thank you!!!
  4. Anyone know off hand were I could find local logs for the endpoint client's detection's? The notifications on the client popup and fade before anyone can see what's still going on, and in situations where we can't access the terminal on cloud.malwarebytes.com...that's a bit problematic. thanks!
  5. I've just barely started using the endpoint product, patching up a fun mess. I've found that the cloud console has been inaccessible for many hours over the last several days. Most of Friday evening it was down, all working great all day yesterday, and now this afternoon, its been down for hours. Or is it? I log in, and seems like it wants to work, then I stare at the spiny-spin-spin graphic. I'm seeing this at all the different ISP's and devices I have the ability to connect from. Is this normal, or, am I doing something wrong?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.