Our security software is not happen with what might be legitimate GotoMeeting updates. I am unable to find a web page here that lists the current file hashes (SHA256) in order to verify these files are legitimate???
Firewall information can be found here: https://support.logmeininc.com/gotowebinar/help/optimal-firewall-configuration-g2w060025
Release notes and updates will be found here: https://community.logmein.com/t5/GoToMeeting-News/bg-p/GoToMeeting-Release-Notes
Thanks, but none of those links have hashes of the executables. SHA256 hashes are what most antivirus tools are using and these need to be published for .EXE files that GotoMeeting pushes out. At this point your files are being flagged as malware/ransomware and being deleted by our security software -- or someone naming their malware similar to names used by GotoMeeting.
Other vendors publish hashes for their files... often they publish SHA1 and SHA256 so a receiver can verify the file was transmitted completely and has not been modified by a hacker on a mirror site.
We use Cylance, a next generation antivirus product that looks at the make up of the file to determine it is dangerous vs. relying on lists of bad things after a virus has run amuck on the internet. We do see occasional issues with the product flagging what is considered okay software, even though the code uses similar techniques as hackers who want to ransom our data.
Yes, the hashes are not static. Each time code is promoted to production the hashes should be created and posted for every program the company provides. Just about every other vendor who provides downloads for programs provides this so a person can verify the authenticity of a download as well as the integrity in case the download didn't complete successfully.
LogMeIn needs to provide the hashed values for all of its software as released. LogMeIn should have a software development process and part of that process should include updating a web page with filenames of programs and the SHA256 hash so customers can verify a file is legit.
LogMeIn continues to distribute new versions of their GotoWebinar software that causes the same issue...most likely a false positive, but without published SHA256 hashes our security stack will not allow these to run. I opened a ticket and got nowhere with vendor...is anyone listening here? Please, publish your programs with their SHA256 hashes so we can verify the software is actually from you!