Outbreak Mal/HTMLGEN-A

We have several clients accessing this website.

The message in Sophos: 

The root cause tried to access a URL known to be associated with malware.
URL: rinozuid.anewspring.nl/jsonrpc
Is this website actually a risk, or is this a false positive from Sophos, or is there action required from our side to block this website?


  • Thank you for reaching out to the community forum.

    Based on the tagging that we're seeing on our Intelix website, the website is categorized as Malicious. There might be some code embedded in this website that isn’t suitable to access and may cause harm. You can allow this website and change its categorization by submitting a website reassessment request if you can confirm that it’s legitimate. We can't confirm if this is a false positive detection, as this is the report our lab team got from this website.

    If this website is used for your clients' day-to-day production, then I believe it is better to proceed with submitting a reassessment request. But if not, then I would suggest leaving the current detection as it is.

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer
