Jump to content

PsychologicalForm

Honorary Members
  • Content Count

    108
  • Joined

  • Last visited

Community Reputation

0 Neutral

About PsychologicalForm

  • Rank
    Advanced Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. CanaryTokens.com Pretty common site, maybe a false positive?
  2. Apologies, I reposted in correct section. Was in a rush this morning.
  3. The following URLs appear blocked by MBAM, however are Microsoft owned URLs that are built into Microsoft's Phishing Attack Simulator tool. Blocking the URLs doesnt allow Admins to see who all was phished in the simulation/training. https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide http://portal.docdeliveryapp.com http://portal.docdeliveryapp.net http://portal.docstoreinternal.com http://portal.docstoreinternal.net http://portal.hardwarecheck.net http://portal.hrsupportint.com http://portal.payrolltoo
  4. The following URLs appear blocked by MBAM, however are Microsoft owned URLs that are built into Microsoft's Phishing Attack Simulator tool. Blocking the URLs doesnt allow Admins to see who all was phished in the simulation/training. https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide http://portal.docdeliveryapp.com http://portal.docdeliveryapp.net http://portal.docstoreinternal.com http://portal.docstoreinternal.net http://portal.hardwarecheck.net http://portal.hrsupportint.com http://portal.payrolltoo
  5. sec secured-login.net I believe this domain is associated with KnowBe4 phishing educational tools.
  6. Apologies. Appeared as if Chrome was the culprit. URLs are below in case.... http://https.secure-links.bloemlight.com/login http://secure-mail.web.magnetonics.com/login
  7. We use a phishing program here at work to phish and educate users called KnowBe4. Some of the companies URLs are blocked by MBAM which renders the phishing tests useless. https://support.knowbe4.com/hc/en-us/articles/203645138-Whitelist-Data-And-Anti-Spam-Filtering-Information I will repost with a few exact examples shortly, but know there are many.
  8. MBAE might not be broken (any more) but the cloud console is not production ready. We have a meeting at 2pm with our account rep to talk about features we need to see in production antimalware. A few are as follows MFA Endpoint Rename Custom URL Blacklist View active user Endpoint Isolation Can't Copy File Paths Can't whitelist by policy Viewing reports past 30 days MBAM Cloud Admin Log Business Support Forum / Portal Poor VPN Performance Install Errors Easily Select Multiple Entries No Filter in Detections Poor Performance in RDS Environment Clients s
  9. I think it's important to note i'm not, and never have, bashed MBAM. These are things we're talking about from a purely objective perspective. We were extremely happy on MBAM EE. The issue was the dashboard look identical all through beta and into release, so we assumed development was halted. Then we had clients on users machines that carried the same version for a year, so we figured MBAM Cloud was getting all the dev attention. Jumping ship we felt like we landed in an early Alpha product (subjective) but the features simply are not there (objective), the bugs are there in great numbers
  10. Cleatus, Coming from a long long long time Enterprise customer of MBAM, this pains me but here is my current list of reasons to probably hold off on Cloud 1.) Long list of issues using VPN with web detection enabled. (its broken) 2.) Cscript known bug (anti-exploit is broken) 3.) Unable to rename endpoint in console (DESKTOP-1R1CUKD.domain.local for example)(Client portion is broken) 4.) Unable to add URLs to custom/company blacklist 5.) Unable to copy file path of detected virus in Quarantine and Detections section. (Hover only, no expand or copy) 6.) Unable to view lo
  11. I just re-submitted a ticket, i'll report back on whether this one is answered or not.
  12. Well, we tried both 1.) uninstalling everything as well as 2.) disabling everything. those worked great! As far as reinstalling everything and enabling everything, both of those options break everything. /s
  13. Thanks for the response. Obviously with the need to disable web protection we feel we are leaving users at risk. Right now in order to leave our enterprise users non-impacted by MBAM we need to disable web protection, exploit protection, and continue to report URLs to the forums. Its painful. Please help me out by expanding on your ticket comment. We have submitted tickets but we don't typically hear back. Can you confirm the process for me? Maybe i'm getting it wrong.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.