Any update on this?
Just curious to know if this is by design or a bug.
Cheers
Hello @BShh
fwiw ~
Just reported this “issue” to Norton support over on Xtwitter.
https://community.norton.com/t/keine-benachrichtugung-mehr/239859/10?u=bjm
Thanks for the update, bjm.
This still isn’t working. Thought it might be a deliberate decision, but download Intelligence is still an option and turned on.
Hello @BShh
v24 Download Intelligence differs from v22 Download Intelligence → Download Insight
v24 Download Intelligence → Detects and analyzes suspicious files when you attempt to run or download then from the internet.
v24 Browser Protection and Auto-Protect seems to (with my testing) be doing the heavy lifting. My v24 Security History seldom reports Download Intelligence event.
===========================================
Note: v24 - Download Intelligence detects and analyzes suspicious files
1 Like
Good spot, @bjm. I still miss the reassurance of downloading any file and having it pop up as safe (or not), but I can understand why they’ve changed that.
Good to know. Thanks.
1 Like
Hello @BShh
Yes, I miss v22 functions…too.
fwiw ~ my first and as I recall only v24 Download Intelligence report here
1 Like
Good to know, @bjm. I don’t have anything in that section yet, but will check it periodically.
1 Like
Yeah, I’ve tested samples from URLhaus.
Browser Protection &or Auto-Protect block samples.
for example:
7cd85c2320e7/2024-11-19T21:02:26.018Z
Threat name: ELF:Agent-BSC [Cryp]
Threat type: Cryptic - This threat is heavily disguised to hide its malicious actions.
Status: Aborted
Detected by: Browser Protection
Origin
Downloaded from: http://115.nn.n.103:38576/i
Activity
Path | Type | Status
http://115.nn.n.103:38576/i | URL | Blocked
==========================================
Download Intelligence → No event found
Yeah, I’ve tested samples from URLhaus.
Browser Protection &or Auto-Protect block samples.
Note: same sample here minutes later with Browser Protection disabled…as test
c52467a3889e/2024-11-19T21:13:25.272Z
Threat name: ELF:Agent-BSC [Cryp]
Threat type: Cryptic - This threat is heavily disguised to hide its malicious actions.
Status: Moved to Quarantine
Options: Report as false positive
Detected by: Auto-Protect
On PC from: 11/19/24
Last Used: 11/19/24
Startup Item: No
Unknown
It is unknown how many users in the Norton Community have used this file.
Mature
This file was released 4 years ago.
High
The file risk is high.
Origin
Downloaded from: http://182.nnn.nnn.172:58366/bin.sh
Activity
Path | Type | Status
C:\User\user\Edge\user\current\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_001425 | File | Repaired
===================================
Download Intelligence → No event found
1 Like
Thanks for that, @bjm. Good to know.