 |
 |
|
Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files. |
||
The falcon has crashed BSOD blue screen of death on clients and server OS Red Teams and Hackers > see where you have brought us? https://www.trellix.com/about/why-trellix/vscrowdstrike/ The latest CrowdStrike Falcon Sensor update is causing a widespread issue resulting in a Blue Screen of Death (BSOD) boot loop globally. It’s a security professional’s worst nightmare […]
M.A.S.U (M)CAFEE (A)TD (S)ANDBOX (U)PLOADER V4.1, Mike Butsch, Senior System Engineer, www.butsch.ch Remark 2024: Everything will work for TIS / Trellix Intelligent Sandbox we have been using the same tool with every release of TIS. Hopefully there is a ready solution for FireEye without using Python The tool is freeware, feel free to use it. […]
CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs. Download 11/2024 NEW Release 2.0.1.0 with OSCP check, Proxy Options, AIA Chain check etc. Version 2.0.1.0, https://www.butsch.ch/wp-content/uploads/tools/crlcheck/latest/crlcheck.7z Over the past 20 years, I have personally witnessed how Certificate Revocation […]
Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]
Ransomware in der Schweiz Lösungsansätze für mehr Cybersicherheit Die Bedrohung durch Ransomware in der Schweiz erfordert intelligente Lösungen. Eine effektive Methode, die sich bewährt hat, ist der Einsatz von “Black/White-Listing” Technologien, wie sie beispielsweise von McAfee TIE bereitgestellt werden. Diese fortschrittliche Technologie, die auf intelligenter Listenführung basiert, stellt derzeit die einzige wirksame Lösung dar, um […]
Trellix/MCAFEE ATD: Sandbox stays at STATUS BAD We just had a case where an MCAFEE ATD-3000 Sandbox was staying at the Status BAD. A person hat submitted a file to analyse with XVIEW (Look into the Sandbox) and did shutdown the VM after that analyse. NO > Rebuild of the VM’s did not solve NO […]
Ich habe einige neuere Präsentation zu neuen Webisolationen Konzepten angesehen. Arbeite selber zu 90% mit Mcafee seit 12 Jahren kenne aber diverse Symantec Enterprise Produkte von früher. Symantec bewirbt derzeit Ihre Web Isolation Loesung. (Fireglass gekauft und integriert in Ihre Serie der Produkte) Der key Punkt ist, dass dies bei Grossfirmen NUR in Verbindung mit […]
