Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

Application Control Updates Pre-release Notice

Important-

1. [RESOLVED] : Latest Application Control Release Blocking Applications Not Visible On Central

2. This is to notify all Sophos customers that Master Remote Sistemas Ltda Application will be detected as Potentially Unwanted Application(PUA) from 6th February 2024.

The following have been identified as applications that would benefit from some level of control and will be added to the existing list. 

Note: These applications will be automatically blocked for customers who have enabled the following optional setting in their Application Control policy for their Sophos Central:

  • Sophos Central: New applications added to this category by Sophos

If you don’t want new applications to be automatically blocked the above setting can be disabled.

Sophos will be releasing Application Control in two different parts. The latest released applications would be visible in Central, 24 to 48 hours prior to the identity release. Therefore, customers are requested to wait 24 to 48 hours to Allow/Block most recently released applications in Central. 

This is a notification for the latest Application Control 6.07 data update, which is currently planned to be rolled out on the 20th February 2024. Occasionally the list changes slightly before the release date, there will be a follow-up update on the release date to confirm it has been released.

Application name Type Owner
iSpring Free Cam ScreenCapTool iSpring Solutions, Inc.
Saral TDS AssetMan Relyon Softech Ltd
WiFi Password Revealer PasswordTool ONE UP LTD.
Rony Password Safe PasswordTool Rony Shapiro
Game Bar Toolbar Microsoft Corporation
Bria Enterprise VOIP Alianza, Inc.
AVG Secure VPN Proxy AVG Technologies
Norton Secure Browser Browser NortonLifeLock Inc.
BareGrep SystemTool Bare Metal Software Pty Ltd
BareTail SystemTool Bare Metal Software Pty Ltd
Lens Desktop SystemTool Mirantis, Inc.
FleetDeck Commander RemMan FleetDeck Inc.
Pulseway RMM RemMan MMSOFT Design Ltd.
BadCopy Pro SystemTool Jufsoft Software
GotoHTTP RemMan Pingbo Inc
iMyFone AnyTo Virtual iMyFone
GalacticScan SecurityTool Galactic Advisors
Beekeeper Studio ProgrammingScriptTool Beekeeper Studio, Inc.
DBeaver Database Tool ProgrammingScriptTool DBeaver Corp
Navicat Premium ProgrammingScriptTool PremiumSoft CyberTech Ltd.
OmniDB Database Management Tool ProgrammingScriptTool OmniDB Team.
     
macOS    
Lens Desktop SystemTool Mirantis, Inc.
Pulseway RMM RemMan MMSOFT Design Ltd.
GotoHTTP RemMan Pingbo Inc
iMyFone AnyTo Virtual iMyFone
Beekeeper Studio ProgrammingScriptTool Beekeeper Studio, Inc.
DBeaver Database Tool ProgrammingScriptTool DBeaver Corp
Navicat Premium ProgrammingScriptTool PremiumSoft CyberTech Ltd.
OmniDB Database Management Tool ProgrammingScriptTool OmniDB Team.

For information on configuring Application Control please review these links: 

  • Starting this Night between 23:00 - 23:30) ... without any local change ... Sophos UTM in malaysia is blocking ZOOM.

    User see a Block-page:
    https://myCompany.zuum.us/
    The URL you have requested matches a forbidden application. If
    you think ...
    ZOOM

    Ideas?

    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-22:55:03 sfm-f-001-2 httpproxy[6783]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.6.3.18" dstip="170.114.52.3" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="82914" request="0x7fe645e28000" url="https://us02web.zoom.us/" referer="" error="" authtime="0" dnstime="23625" aptptime="239" cattime="0" avscantime="0" fullreqtime="301679051" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience"
    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-23:05:52 sfm-f-001-2 httpproxy[6783]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.6.3.18" dstip="170.114.52.3" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="8802" request="0x7fe645152000" url="https://us02web.zoom.us/" referer="" error="" authtime="0" dnstime="32025" aptptime="232" cattime="0" avscantime="0" fullreqtime="300896676" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience"
    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-23:06:42 sfm-f-001-2 httpproxy[6783]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.6.3.18" dstip="170.114.52.3" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="8810" request="0x7fe645820400" url="https://us02web.zoom.us/" referer="" error="" authtime="0" dnstime="4" aptptime="189" cattime="0" avscantime="0" fullreqtime="301217972" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience"
    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-23:23:28 sfm-f-001-2 httpproxy[25926]: id="0066" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden application detected" action="block" method="CONNECT" srcip="10.6.3.18" dstip="170.114.2.55" user="" group="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="0" request="0x5be2c00" url="https://xmpp003.zoom.us/" referer="" error="" authtime="0" dnstime="156182" aptptime="223" cattime="0" avscantime="0" fullreqtime="5781404" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience" application="ZOOM" app-id="2032"
    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-23:23:28 sfm-f-001-2 httpproxy[25926]: id="0066" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden application detected" action="block" method="CONNECT" srcip="10.6.3.18" dstip="170.114.2.55" user="" group="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="0" request="0x11664c00" url="https://xmpp003.zoom.us/" referer="" error="" authtime="0" dnstime="5" aptptime="216" cattime="0" avscantime="0" fullreqtime="3797401" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience" application="ZOOM" app-id="2032"
    /var/log/http/2024/02/http-2024-02-27.log.gz:2024:02:27-23:23:28 sfm-f-001-2 httpproxy[25926]: id="0066" severity="info" sys="SecureWeb" sub="http" name="web request blocked, forbidden application detected" action="block" method="CONNECT" srcip="10.6.3.18" dstip="170.114.14.64" user="" group="" ad_domain="" statuscode="403" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffSfDefauConte (SF Default content filter action)" size="0" request="0x7fa34a01e000" url="https://us02zpns.zoom.us/" referer="" error="" authtime="0" dnstime="62060" aptptime="309" cattime="0" avscantime="0" fullreqtime="2178195" device="1" auth="2" ua="" exceptions="auth,content,url,ssl,certcheck,certdate,mime,cache,fileextension,size,patience" application="ZOOM" app-id="2032"