This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ATP reports connection to botnet

A Sophos XG with version SFOS 17.5.15 MR-15 reports a daily communication attempt with a botnet or "command-and-control" server. However, the same happens with Sophos XG and the current version 18.

There are connections to blog.alexmaccaw.com, which originate from Windows servers as well as clients. According to entries on the Internet, this site is from a blogger and is classified as "Normal = Green". A dedicated call of this page by users does not occur, it seems to be an issue in the Microsoft operating system or a specific application.

Does the community know anything about this and is it possible to create a suitable whitelist for the blog.alexmaccaw.com website in the ATP?



This thread was automatically locked due to age.