When deploying the Malwarebytes Endpoint Agent on macOS Catalina 10.15 or macOS Big Sur 11.x, Full Disk Access must be manually granted on the endpoint so Malwarebytes can scan all disk locations for threats. Due to Apple’s Transparency, Consent, and Control (TCC) feature, Malwarebytes cannot access sensitive folders for potential threats until Full Disk Access […]
Category: Malwarebytes Endpoint
Endpoint shows needs attention indicator in Malwarebytes Nebula
In the Nebula console, on the Endpoints page under the Status column, a Needs Attention indicator means there is an issue. Click on the indicator to display the error message. Error messages The Malwarebytes Endpoint Detection and Response plugin on this endpoint didn’t start correctly. This needs your immediate attention, as files cannot be cleaned and no […]
Endpoint Protection’s Anti-Exploit protection is blocking Visual Basic 6 (Malwarebytes)
Malwarebytes’ Anti-Exploit protection hooks into browsers to monitor for the launching of VBscript interpreters with a generic detection and block all VBscript invocations. This is consistent with Microsoft’s statement that “VBScript is deprecated in Internet Explorer and is not executed for webpages displayed in IE11 mode”. Refer to Disabling VBScript execution in Internet Explorer 11. Microsoft […]
Endpoint Protection Agent on Windows 2008 fails to register with Malwarebytes Nebula
If the Malwarebytes Endpoint Agent is installed on Windows Server 2008, it may fail to wp-signup.php with the Malwarebytes Nebula console. When the Malwarebytes Endpoint Agent fails to wp-signup.php, the following error appears in the logs: The client and server cannot communicate, because they do not possess a common algorithm. Cause The Malwarebytes Endpoint Agent […]
Endpoint didn’t start correctly in Malwarebytes Endpoint Detection and Response
Malwarebytes Endpoint Detection and Response endpoint is displaying the needs attention indicator . Click the indicator to see the message. If you receive the following error message: “The Malwarebytes Endpoint Detection and Response plugin on this endpoint didn’t start correctly. This needs your immediate attention, as files cannot be cleaned and no events can be logged.” […]
Enable debug logging on the Malwarebytes Endpoint Agent
You can enable debug logging on the Malwarebytes Endpoint Agent to collect diagnostic logs. Malwarebytes Business Support may request these logs to provide assistance with your Malwarebytes Nebula platform. Both Windows and Mac endpoints support debug logging, which is enabled either from the Windows tray icon, Mac menu bar icon, or the command line. Enable […]
Did not receive Malwarebytes Endpoint Protection emails
Malwarebytes Endpoint Protection sends out an email to customers after wp-signup.phping for a trial or when adding a new user to the Nebula platform. If you do not receive these emails, this may be due to spam filter settings in your organization. See the following troubleshooting to ensure your organization gets all Malwarebytes emails. Not […]
Delete isolated endpoints in Malwarebytes Nebula
If an endpoint is isolated and can’t communicate to the Nebula console, because: The Malwarebytes Endpoint Agent was uninstalled in Safe Mode The endpoint device was reimaged The device was removed from your network You won’t be able to remove the isolation from the endpoint. You must delete the isolated endpoint. Log in to the Malwarebytes Nebula […]
Approve kernel/security framework extension for Malwarebytes Endpoint Protection on Mac devices
Apple has made changes starting with macOS High Sierra 10.13. These changes affect the ability to deploy software using kernel or security framework extensions in the enterprise. Malwarebytes Endpoint Protection and Endpoint Detection and Response for Mac uses a kernel extension for macOS 10.13, 10.14 and a security framework extension for macOS 10.15 to deploy […]
Protect your network from Emotet Trojan with Malwarebytes Endpoint Protection
Emotet is a banking Trojan that can steal data by eavesdropping on your network traffic. Its goal is to steal user credentials. Emotet is commonly spread by email, both using infected attachments as well as by embedded URLs in the email that download this Trojan. Due to the way Emotet spreads through your network, any […]