SSL Stripping recognized?

Question

Hello there, 
 we are using different and totally separated wifi connections in our business unit (also from different providers). Since today we get a nottification from Sophos Mobile Security for every of these WIFI&acute;s that there is SSL Stripping recognized. This is even the case when there is no browser used on this smartphone. Can this be an issue of todays software definitions? Of course we already had scanned the Smartphone with Sophos Mobile Security but there was found no problem. 
 Kind regards - Hannes

TLI · Accepted Answer

Hi, 
 A last and hopefully final message from my side. We have released an update to our data via the Sophos data warehouse. All mobiles receive this update, and it should fix the issue. Your well-known networks should no longer show any warning. 
 Normally the update gets applied automatically, but you can manually request the update using this procedure: 
 
 Go to Settings 
 Scroll down till you see &ldquo;Last update&rdquo; and click on this. A message &ldquo;Updating anti-virus data&rdquo; will be shown. 
 Wait for some time (depending on network connectivity) 
 Switch to Wi-Fi Security in the menu and re-scan your current connection 
 Your network should now no longer be marked as bad 
 
 Please let us know, if this procedure does not fix your issue and you continue to see a warning. 
 Thank you all for your patience and I very much apologize if this issue caused any troubles on your side 
 Thomas

Gowtham Mani · Answer

Hi Everyone, 
 A definition update was published resolving this issue. Please refer the following KBA . 
 Sophos Mobile Security for Android - Wi-Fi connection listed as insecure due to detected SSL stripping

TLI · Answer

Hi, this is Thomas from the Mobile Product Management team. 
 I have experienced the same issue with two well known and secure networks. We are not sure, what is triggering this as we have not made any changes recently. 
 For the moment please regard this as false positive. We will investigate with all hands on deck tomorrow morning (Central European Timezone) and provide an update afterwards. 
 Sorry for any inconvenience. 
 Thomas

Dan Mosier · Answer

We are also seeing this on our home network. We have Sophos installed on 3 Android phones. Security scans say no issues found. The SSL Stripping Detected message is new to our devices this morning. I uninstalled Sophos from one phone, installed Avast and ran its wifi security tool which showed no issues, then uninstalled Avast and reinstalled Sophos. The SSL Stripping Detected message continues to show. With others seeing this today I'm wondering if the problem is with a software update to the app versus an actual threat. I don't know if Sophos employees monitor this forum but would appreciate some guidance if so. I use my home network to connect to a work VPN and am concerned with possible vulnerabilities.

FloSupport · Answer

Hi All, 
 Apologies for this inconvenience and thank you for reporting this. 
 I will be reaching out to our team and following up with feedback I receive. 
 Regards,

TLI · Answer

Hi, this is Thomas from the Mobile Product Management team. 
 A quick update on this issue. We have identified the root cause of the issue and an update of our test data is currently processed to be distributed via Sophos cloud-based services. 
 Please stay patient for some more time till this is processed. The app will update its data automatically and this issue will disappear. 
 I will send another update, once we update has happened and Sophos Mobile Security will again work as expected 
 
 Thomas