Hello Everyone, I have tried to search about this in the forum but couldn't find anything.
My scenario is: XGS2100 Xstream protection + Endpoints with advanced Threat protection.
I keep receiving these two alerts but I have tried to see what to do…
I have a device that at some point was deleted from the Sophos portal. I've tried reinstalling Sophos but am getting a message stating that tamper protection needs to be disabled. What steps can I take to get the device back on the portal?
Thank you…
Hi to all,
I'm confused about a CryptoGuard detection, it seems they found ransomware on a component of Sophos itself.
id: {"type":3,"data":"10HWczOjodtRTCUtmJysJQ=="}
family_id: a1e45bc2-168e-553c-f81a-5e712666d413
process_alias_path…
When installing core agent 2023.1.3.5, some devices show 2023.1.3.5 BETA and some show 2023.1.3.5 versions. Why are there two versions? When did the version change? Updating does not change the 2023.1.3.5 BETA version to 2023.1.3.5.
On Windows Server 2012R2 Standard I have installed "Intercept X Advanced for Server with XDR".
Problem: Although everything looks good after the installation, the servers are not being updated and are also not communicating with Central.
…
Hi, I have an annoying problem with the Sophos Endpoint Agent. When I am connected to the internet everything is fine. However, when I unplug the cable and am offline, the load on SEDService.exe goes way up. I have now noticed that under C:\ProgramData…
Hey Everyone,
Scratching my head over how to deal with this PAU as I can't find much information on it on the old Google box.
The identified PAU is PsExec located within the ZIP WPJCleanUp. PsExec as well as WPJCleanUp are legitimate Windows resources…
Hi
I have SSL inspection in Intercept X Advanced with XDR.
I have a problem surfing with Firefox.
The message is:
Software is Preventing Firefox From Safely Connecting to This Site
mxtoolbox.com is most likely a safe site, but a secure connection…
Heartbeat is becoming my best friend.
Yesterday I identified a Windows Server that had no heartbeat due to expired certificates. I reinstalled the agent and all was fine.
Later the endpoint updated the heartbeat component from 1.15.835.0 to 1.15.1122…
Good morning,
We use Faronics Deep Freeze in our environment on shared-use PCs in classrooms and computer labs. We are experimenting with turning on data lake uploads to start using the threat analysis center, and the Deep Freeze detections are very…
Sophos home,
Since the 28th of October I've been getting a message stating a scan will start due to ransomware detected a few days ago. I perform a scan and nothing is found but every day I get this message.
The file mentioned in the history is, C…
Open PowerShell 7: Connect-IPPSSession -UserPrincipalName User@domain.com
The MS login process starts by trying to open a browser window with a localhost address and a random port. The connection is refused and the login process to MS stops.
localhost…
Hello everyone,
I miss the functionality of the application control in the endpoint protection that is available with SFOS.
Although there is an application control, it can “only” control which applications on the system are allowed or denied for running…
Hello,
We had a previous IT company that we have dropped and they supposedly removed Sophos Endpoint Protection on 200+ devices but we found it on 145 ish devices. They won't give us access to the portal and they are stating there is nothing they…
Hello. On some Sophos endpoints the following error appears: "Manual malware cleanup required: 'Unknown Threat' at 'null'". Could you tell me what this error refers to or how to solve it? The version in which this error appears is CoreAgent 2023.1.3.5…
We have several clients accessing this website.
The message in Sophos:
The root cause tried to access a URL known to be associated with malware.
URL: rinozuid.anewspring.nl/jsonrpc
Is this website actually a risk or is this a false…
Hi Sophos team. I have an issue with Sophos endpoint. The computer lags so much when updating Windows. Sophos Endpoint Defense software and Sophos File Scanner took over 50% CPU. Do we have settings to bypass scanning updates from Windows?
The endpoint…
I'm doing a POC with Crowdstrike and on the test computer we received a file that was detected as (RegistryPersistEdit) by Crowdstrike's machine learning. Sophos detected nothing and let the file make changes to the Windows registry. Sophos machine…
Sophos NTP64 installation fails on Server 2019 Standard, see error log below:
2023-10-16T12:13:04.0582833Z INFO : Running C:\\Users\\FBS_AD~1\\AppData\\Local\\Temp\\SophosSetup-1000217844\\Setup.exe
2023-10-16T12:13:04.0582833Z INFO : Stage 1 command…
Hello there,
Is there any tool to lookup URLs and find their classified categories for use with Central Endpoint WebControl?
The categories don't match up with SFOS categories and the explanation of the categories, while verbose, doesn't provide…