• C2/Generic-A - UTM DNS attack

    ncor
    Hello, For a few days we have been receiving disturbing mail notifications from our UTM Sophos. I hope you can help me to identify and maybe solve the problem. For security reasons, I replaced the public IP of our Sophos UTM. The notification provides…
    • over 2 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • RE: C2/Generic-A Originating from AFCd?

    KashifMoazzam
    I am having the same issue. It seems to be attempting to reach the domain <random>.app.anmorencai.com Some information I have found: Parent server gave glue for app.anmorencai.com to be app.anmorencai.com.qingcdn.com but we resolve that hostname to…
    • over 8 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS
  • C2/Generic-A Originating from AFCd?

    JohnRiley
    Hi everyone, looks like I have a similar situation to a few people. NO Windows machines on the network, just OSX and Linux (QNAP). Woke up to over 1400 emails regarding ATP C2/Generic-A. But the originating seems to be from AFCd? Any idea what this…
    • over 8 years ago
    • UTM Firewall
    • Network Protection: Firewall, NAT, QoS, & IPS