As of May 21, 2020, a false positive C2/Generic detection was being reported for multiple different software products on Sophos Firewalls and on Sophos Endpoint software.
Applies to the following Sophos product(s) and version(s): Sophos UTM, Sophos Firewall, Sophos Anti-Virus
On Sophos Firewalls and on Sophos Endpoints, C2/Generic detections (commonly C2/Generic-A) are seen with the following Threat ID: 811385046 or IP: 220.127.116.11.
We originally detected it as malware/callhome. As of May 21, 2020, we have discovered this to be a false positive and have since changed it back.
The issue is resolved and no update is needed.