Jump to content
djacobson

Malwarebytes Cloud Platform Announcements

Recommended Posts

Check this thread for announcements regarding the Malwarebytes Cloud Platform. Information can also be found on our B2B KB page located here - https://support.malwarebytes.com/community/business

If you need technical help with your Malwarebytes Endpoint Protection, please contact our support team by creating a ticket on this portal - https://www.malwarebytes.com/support/business/#techhelp 

You can also dial your Malwarebytes Cloud product's bundled premium phone support line. The number is included with your purchase confirmation emails.

 

Edited by djacobson

Share this post


Link to post
Share on other sites

Malwarebytes cloud platform update - November 15, 2017 https://support.malwarebytes.com/docs/DOC-2260

We have recently performed a scheduled update to our Malwarebytes cloud platform. As a customer of this platform, we want to take a moment to familiarize you with the changes that were made.

New Features

  • Created new “Detections” page in the cloud console—combining the previous “Threats” and “Real-Time Protection” pages.
  • Added on-demand reporting—beginning with Detection Summary reports—that are generated in CSV format (additional reports coming soon):
    image1.png.32b25a7658ab41f5d2daf048197f50cc.png

Improvements

  • Completed multiple improvements to the cloud console user interface

  • Enhanced the cloud console “Dashboard” page to include Real-Time Protection data

  • Added additional information to detection details (with more to come in the future)

  • Extended the download timeout period up to 30 minutes for software installations to assist with slow network connections

  • Updated the end-user license agreement

  • Fixed: Addressed an issue discovered when moving large numbers of endpoints between groups

  • Fixed: Localized the Timestamp on the Quarantine page

  • Fixed: Unicode characters are now processed correctly in scan result data

Known issues

  • Web Protection will prevent web traffic for some customers who are connected to a VPN. For most customers, simply adding the VPN domain as an exception in the Malwarebytes cloud console resolves the issue. We are working on a resolution.

 

Our next platform update is scheduled for December 2017!

Edited by djacobson

Share this post


Link to post
Share on other sites

Offline Agents - 11.17.17

The Malwarebytes Support team is aware of an issue that is currently impacting some of our customers. Until this issue is resolved some endpoints may appear offline or have slow response time in the environment. Please be aware our engineering team is working on a resolution to this issue and will have it corrected soon. Thanks for your patience!

Share this post


Link to post
Share on other sites

255.255.255.255 False Positive Web Block - 11.20.17

The Malwarebytes Support team is aware of an issue that is currently impacting some of our customers. Until this issue is resolved by a database update, adding the 255.255.255.255 IP address to your Settings > Exclusions website exclusions will resolve notifications and blocks until we get this resolved shortly. Thanks for your patience!

Share this post


Link to post
Share on other sites

255.255.255.255 False Positive Web Block - fixed - 11.20.17

Check your signatures to make sure you have the version with this FP fixed.

MBAM 1.80 - 2.x: v2017.11.20.09
MBAM3: 1.0.3305

Share this post


Link to post
Share on other sites

255.255.255.255 False Positive Web Block - fixed - 11.20.17
Follow-up.

We confirmed that it was a false positive that we had on address 255.255.255.255. We have currently fixed this in the latest database. To make sure you on the latest database, please follow these steps:

For Malwarebytes Endpoint Security:

  1. Sign into the management console and go to the admin pane on the left.
  2. From here, go to the signature tab and click 'Update now'

Once it updates, your clients will slowly check in and receive the update.

For Malwarebytes Endpoint Protection:

  1. Log into the cloud console and navigate to the endpoints tab.
  2. From there, select all the endpoints affected and click on the 'actions' button in the upper right.
  3. Select the 'check for protection updates' button and your clients will reach out to our servers to get the latest update.

We do apologize for the inconvenience you experienced with this block.

Malwarebytes Support

Share this post


Link to post
Share on other sites
Holiday Coverage Notification

Malwarebytes will have reduced staffing through Monday November 27th 2017. As a result, response times may be delayed. We appreciate your patience and thank you for choosing Malwarebytes.

Share this post


Link to post
Share on other sites

Offline Agents - 11.28.17

The Amazon AWS Super Queue Service utilized by MBEP is having long queue times, causing some clients to show as offline in the Malwarebytes cloud platform. The issue is temporary, machines will come back online as the AWS SQS service catches up.

Quick info on how Amazon AWS SQS works - https://aws.amazon.com/blogs/aws/sqs_super_queue/

Share this post


Link to post
Share on other sites

Console slowness, 504 errors and offline agents - 12.1.17

Amazon AWS Retina API running near 100% memory utilization. Cloud admins may experience slowness, inability to load console, offline agent condition likely as well. Issue is under investigation.

Share this post


Link to post
Share on other sites

Console slowness, 504 errors and offline agents - 12.1.17 - fixed

Issue identified, event caused by sudden increase in traffic for agent results, many times more than the standard traffic. Situation has normalized and consoles should start becoming accessible again, clients which dropped offline during this event should start coming back online as of 1pm PST.

Share this post


Link to post
Share on other sites

Malwarebytes Issue Notification - Login issues

Some users may be unable to login. Active users are able to continue using the console. Issue is under investigation.

Share this post


Link to post
Share on other sites

Malwarebytes cloud platform update - December 18, 2017

Malwarebytes updated our cloud platform on Dec 18, 2017 at 8:00PM EST / 5:00PM PST. As a customer of this platform, we want to take a moment to familiarize you with the changes that are about to become available.

New Features:

Added exclusion support for Exploit Protection in Malwarebytes Endpoint Protection: This enables administrators to enter the MD5 hash of a file they’d like excluded from protection. Click on the Settings tab in the cloud console, choose Exclusions, select New, then scroll down and click the circle for “Exclude a file from Exploit Protection (Windows)” and type in the desired MD5 hash:

Added new on-demand reports for Quarantine and Endpoint summaries: Administrators can request a CSV format export of quarantined items and endpoint records for the previous 24 hours, 7 days, or 30 days. Click on the Reports tab in the cloud console, then click the “Generate Now” link for the desired report. The request is placed into a queue for processing. When the report is ready, an email with a link is sent to the requestor’s email address allowing them to download the desired report:

Added support for nested Groups: This provides administrators the flexibility to create an organizational structure in the cloud console that reflects their real-world environment (e.g., different businesses, business units, departments, locations). Click on the Settings tab in the cloud console, choose Groups, then click on the Add button. Type in the new Group Name, select the security policy for this group, and select the box to nest this group within an existing group

Added a scan progress dialogue window for Malwarebytes Endpoint Protection: When a user initiates a Threat Scan, they will see the details of all scan phases, files being scanned, number of items being scanned, elapsed time, and threats identified on their endpoint. They also have the option to cancel their Threat Scan in this dialog window

Improvements:

 Display selected Detection Details and Quarantine Details in their own modal dialog window

 Added new detection data fields within Detection Details (where applicable) for the group name the endpoint belongs to, IP address, and port number

 Enhanced cloud console Endpoint page by converting the list of Group names to a simple drop-down selector with filter capabilities:

 Updated Malwarebytes Discovery and Deployment Tool to warn if disk space is unavailable for installation on remote endpoint (To be released on 12/20)

 Updated Malwarebytes Discovery and Deployment Tool to display an error if download server cannot be reached (To be released on 12/20)

 Reduced Endpoint Agent error logging to only log unrecoverable errors

 Fixed: macOS tray icon tool tip doesn’t reflect policy setting

 Fixed: Inconsistent verbiage when no threats or infections are found in the console

 Fixed: Renamed “NebulaAgent” to “EndpointAgent” in macOS logs to maintain convention

 Fixed: Incorrectly formed exclusions prevent subsequent exclusions from being applied

 Fixed: Endpoint Agent Tray exceptions when switching between user accounts while an active scan is running

 Fixed: User-initiated scan UI Time Elapsed field resets when logging into a different user account

 Fixed: Visio 2010 uninstall string causes installed software list to not populate correctly

 Fixed: Malwarebytes Discovery & Deployment Tool would show a failure even if the agent was successfully installed

 Fixed: macOS handling of GMT (+0000) time

 Fixed: Web Protection will prevent web traffic for some customers who connected to a VPN. If you experience issues, please contact Malwarebytes Customer Success team with your VPN details for assistance

 Fixed: If an exclusion was entered incorrectly, the Endpoint Agent would ignore any subsequent exclusions

Known Issues:

 We are not currently listing the MD5 hash for processes that Exploit Protection detects. In order to add an Exploit Protection exclusion, administrators must calculate their own MD5 hashes.

Our next cloud platform update is scheduled for January 2018.

Share this post


Link to post
Share on other sites

Nebula downtime 12/20/17, 10pm ET

Configuration changes to production planned for tonight at 10:00pm ET. This will require multiple backend services restarts, which will result in downtime. During this time you will see the maintenance page when navigating to cloud.malwarebytes.com. Protection functionality will still be active and scheduled scans will continue to run.

Share this post


Link to post
Share on other sites

Upgrade reboot loop

The Malwarebytes Support team is aware of an issue that is currently impacting some of our customers. When upgrading from the earlier release to the December release, some customers are continuously receiving restart messages to complete the upgrade, even after restarting multiple times. Please be aware our engineering team is working on a resolution to this issue. If you have been impacted by this issue please follow the steps below to rectify:

1. Stop Malwarebytes Endpoint Agent Service
2. Uninstall Malwarebytes 3.3.2 from appwiz.cpl (add/remove programs)
3. Install Malwarebytes 3.1.8 using the installer in this box link: https://malwarebytes.box.com/s/21p0wuszmymn9vri8lkkxdz131zpwnwr
4. Start Malwarebytes Endpoint Agent Service

We apologize for this inconvenience and thank you for your patience!

Share this post


Link to post
Share on other sites

Cloud platform scheduled maintenance for January 11, 2018 at 8pm ET

We want to make you aware that on Thursday, January 11th at 8pm ET, there will be a scheduled down time for approximately two hours. We will be using this time to update the Malwarebytes cloud platform. During this time frame, endpoints will continue to be protected and scheduled scans will continue to run.

Thank you for your patience while we continue to improve our platform!

Share this post


Link to post
Share on other sites

Malwarebytes Cloud Console Issue Notification

The Malwarebytes Support team is aware of an issue that is currently impacting some of our customers. We have had customers contact support with servers consuming high amount of resources, high CPU usage or MBAMService.exe getting hung up. Our Engineering team is researching the cause of this issue and working to resolve. We apologize for this inconvenience and thank you for your patience!

Edited by djacobson

Share this post


Link to post
Share on other sites

Cloud platform scheduled maintenance for February 8, 2018 at 8pm ET

We want to make you aware that on Thursday, February 8th at 8pm ET, there will be a scheduled down time for approximately three hours. We will be using this time to update the Malwarebytes cloud platform. During this time frame endpoints will continue to be protected and scheduled scans will continue to run.

New Features:  

  • Added option for end users to perform context menu scans: Users can scan files on their Windows computer by right-clicking on the desired file(s) and selecting "Scan with Malwarebytes". This gives end users the power to scan any file they deem suspicious or out of an abundance of caution. Administrators must enable this optional feature in policy by toggling "Show Malwarebytes option in context menus (Windows only)" to ON:

 

0218-gonzo-update-ss00.jpg

0218-gonzo-update-ss01c

  • Added scheduled reporting: Administrators have the option to automatically receive an email for any desired report-providing them with daily, weekly, and monthly reports proactively in their inbox. Click on the Reports tab in the cloud console, click on Scheduled, select one or more reports, and click the Save Changes button. The CSV formatted report will be delivered once report generation is complete, based on the chosen frequency:

0218-gonzo-update-ss02.png

Improvements:  

  • Added "MD5" and "Affected Application" fields to Detection Summary report
  • Added product Version and Protection Update fields to Agent Info within Endpoint Overview
  • Endpoint name now deep links to its' Endpoint Overview screen from the Detections, Quarantine, Events, and Tasks tabs
  • Updated Forgot Password page–now email address field is in focus when navigating there
  • Updated cloud console to display an event when an end user postpones a required reboot
  • Updated Quarantine page so that items identified by Real-Time Protection will no longer show zeros for the Scan ID
  • Fixed: If an endpoint was powered down ungracefully (i.e., power outage) while a scan was running, a configuration file could become corrupted
  • Fixed: 100% CPU spike if an endpoint administrative user forcefully kills the Malwarebytes tray process when the Self-Protection Module is enabled
  • Fixed: Customers migrating from legacy Malwarebytes products (including Malwarebytes Anti-Malware v1.6, Malwarebytes Anti-Exploit v1.08, and Malwarebytes Management Console v1.6) will require 2 reboots in a row to complete the installation
  • Fixed: Some customers who have already migrated from legacy Malwarebytes products were stuck in a reboot loop during the last cloud update due to legacy products leaving behind orphaned registry keys
  • Fixed: Running Sysprep with the Malwarebytes Endpoint Protection agent installed fails. The workaround is to stop the Endpoint Protection agent tray process before launching Sysprep
  • Fixed: Detections that are found, but not quarantined, are not being counted in the Detection History tile on the Dashboard page–however, the Number of Detections chart on the Dashboard page is counting them correctly
  • Fixed: Exploit Protection doesn't start on Windows XP

Known Issues:  

  • When attempting to scan a shortcut file, the scan is not following the shortcut to the root file. Users can work around this by scanning the actual file(s) rather than the file's shortcut.

Share this post


Link to post
Share on other sites

March 8th Release

 

New Features:   
  • Added macOS support for Malwarebytes Endpoint Protection. Now businesses can centrally deploy and manage Malwarebytes Endpoint Protection across all of their Windows and macOS endpoints. Administrators can apply real-time protection via policy setting and perform manual on-demand scans and schedule automated threat scans of macOS endpoints-all from the cloud console:
0318-hugga-wugga-update-ss00.png 
 
  • Added option within policy setting that allows Mac end users to initiate on-demand scans:
0318-hugga-wugga-update-ss01.png 

0318-hugga-wugga-update-ss02.png
  • Added a "Seats in Use" counter to the License Information tab of the My Account section of the cloud console. Together with Term type (Evaluation or Subscription), Seat Count, Status (Active, Grace, Expired), and Expiration Date-administrators now can see how many seats are being used toward their subscription license:
0318-hugga-wugga-update-ss03.png 
  • Added hourly scan options for scheduled scans. This allows businesses to scan more often than just daily or weekly to detect threats and reduce potential threat dwell time:
0318-hugga-wugga-update-ss04.png 
Improvements:  
  • Updated the Endpoint Properties page and My Account section of the cloud console with horizontal tabs to match ongoing UI improvements:
0318-hugga-wugga-update-ss05.png 
  • Added Protection Update version for Endpoint Protection to the Asset reports
  • Updated Reboot Options in policy setting so they now apply to installation , updates, uninstallation, and detection removal
  • Updated Threat Cleaned email notification to include "Scan Type", a deep link to the Scan Report, and a deep link to the Group that the endpoint belongs to
  • Updated and reorganized the Add Endpoint page (within Endpoints tab) to the new UI look and feel:
0318-hugga-wugga-update-ss06.png 
  • Replaced scrolling records throughout the cloud console with pagination (default of 25 records)
  • Added audit event that is logged in the Events tab of the cloud console when a Scheduled Report is generated
  • Renamed "OS Platform" to "OS Version" (i.e., "Windows") and renamed "OS Release Name" to "OS Friendly Name" (i.e., "Microsoft Windows 10 Pro") within Endpoint Properties page and reports
  • Updated the Endpoint Properties page so that if an OS Version is not available, the UI will now display "Unknown"
  • Fixed: Quarantine page displays old quarantined items on top of the list
Known Issues:   
  • Endpoint Protection for Mac: Shows enabled/disabled notification even if tray icon is not present
  • Endpoint protection for Mac: Scan History tab does not get information populated if threat scan does not detect any threats
  • Endpoint Protection for Mac: Protection update version is reporting SDK version instead of DB version in Scan History, not reporting in Endpoint Details
  • Endpoint Protection for Mac: Timestamps in Scan History tab for macOS endpoints is in GMT and not the web browser's locale
  • Endpoint Protection for Mac: Free Physical memory is being reported as "0" in the Overview tab of Endpoint Properties

Our next cloud platform update is scheduled for April 2018. If you have any questions, please visit the Malwarebytes Support Website. 

Thank you for being a valued Malwarebytes customer! 

The Malwarebytes Product Team 

Share this post


Link to post
Share on other sites

Malwarebytes cloud console – Scheduled Downtime

The Malwarebytes cloud console is scheduled to apply back-end optimizations on March 24, 2018 at 8:00am EST / 5:00am PST. We anticipate up to 6 hours of console downtime to complete this update. During this time, your endpoints will continue to run scans on schedule and protect as configured by policy. Any scan data will be queued on the endpoint and transmitted to the cloud console once services are restored.

Share this post


Link to post
Share on other sites

Cloud platform update for April 12th, 2018 at 8pm ET / 5pm PT

 

New Features:

  • Added Syslog support. Now the Malwarebytes cloud console can transmit detections with Syslog servers and SIEM solutions capable of receiving Syslog messages. This allows organizations to centralize Malwarebytes’ threat detections with their existing threat data. All of this is accomplished without the need to install any additional software. Administrators can enable Syslog support by clicking on the Settings tab in the cloud console, select Syslog Logging, and then pick an existing Windows endpoint to be the communication proxy. Syslog Settings include specifying the IP address/host, port, and protocol along with options for message severity and communication interval (default 5 minutes)

 

Improvements:

  • Updated and redesigned Policies page to improve usability and match ongoing UI improvements. Policy settings are now feature-based vs. product-based:
  • Updated Policies page to inform Malwarebytes Incident Response customers of features available with Malwarebytes Endpoint Protection:
  • Enhanced Detection notification emails to include additional information about detections
  • Events are now recorded for Scheduled Scans, regardless if the scans were successful or failed
  • Added text field validation (character count) in Policies for custom reboot messages
  • Improved pagination performance for organizations with thousands of paginated pages of data
  • Fixed: Tray icon would not appear for some users of Terminal Services
  • Fixed: When a modal dialogue was open and an automatic log-out occurred, the modal was still visible
  • Fixed: Some administrators were receiving their scheduled reports twice
  • Fixed: Advanced Anti-Exploit settings dialog was saving changes even when the dialog was dismissed or canceled
  • Fixed: Upon logging into the console, a large number of “Unable to retrieve one or more dashboard data summaries” errors were displayed
  • Malwarebytes Endpoint Protection for Mac: Not sending up Agent Information


Known Issues:

  • The tray icon is not visible for the builtin\Administrator user on Windows platforms
  • Malwarebytes Endpoint Protection for Mac: Non-administrative users are unable to interact with the tray icon
  • Malwarebytes Endpoint Protection for Mac: Scheduled scans can be triggered incorrectly
  • Malwarebytes Endpoint Protection for Mac: For scans initiated from the endpoint, the cancel button loses focus
  • Malwarebytes Endpoint protection for Mac: Scan History tab does not get information populated if threat scan does not detect any threats
  • Malwarebytes Endpoint Protection for Mac: Shows enabled/disabled notification even if tray icon is not present
  • Malwarebytes Endpoint Protection for Mac: Protection update version is reporting SDK version instead of DB version in Scan History, not reporting in Endpoint Details
  • Malwarebytes Endpoint Protection for Mac: Timestamps in Scan History tab for macOS endpoints is in GMT and not the web browser’s locale
  • Malwarebytes Endpoint Protection for Mac: Free Physical memory is being reported as “0” in the Overview tab of Endpoint Properties

 

Our next cloud platform update is scheduled for May 2018.

Share this post


Link to post
Share on other sites

Scheduled Downtime - Malwarebytes cloud platform update - June 14, 2018

Malwarebytes is scheduled to update our cloud platform on June 14, 2018 at 8:00PM EST / 5:00PM PST. We anticipate less than 3 hours of downtime to complete this update. New product announcement, new features, improvements, known issues are detailed here - https://support.malwarebytes.com/docs/DOC-2554

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.