Dear All, im facing CrytoGuard detected on sophoscleanup.exe CryptoGuard detected ransomware in C:\Program Files\Sophos\Endpoint Defense\SophosCleanup.exe anyone encountered this issue before?

Hello everyone, i am looking for a option to restrict the download of compressed files via Sophos Intercept X Advanced. In our XG 230 we set the filetyp "Compressed Files" to "warn" and it works as desired. But we also have a few notebooks that leave…

We have been getting some "Policy non-compliance: Exploit Detection" alerts from some of our devices. These then return to compliance once the device was next powered on. This is great that they return to compliance, but there doesn't appear to be any…

Hello, I have been asked by a customer if there is a document which thouroughly explains how 'Protect critical functions in web browsers (Safe browsing) works but cannot seem to find anything. Does such a document exist? Thanks, Lee.

Sophos Endpoint is detecting a CryptoGuard detected ransomware in C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2302.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe I am unsure of the reason behind this detection and would appreciate your help in resolving…

We are hit with potential ransomware but it shows strange originating IP address. How can i figure out where it originated. CryptoGuard detected a ransomware attack from fe80::6d67:8f89:d7d5:be80

Now this mode only has observation mode, I hope to add interception mode in the future, for example, if the high risk level exceeds a certain score, automatic interception will be triggered and threat chart will be automatically built

I downloaded Eicar in several versions and was confused about this event in the Sophos Endpoint. We do not have eicar on an allow list. Event on the endpoint agent: and in Central: In the documentation I found that zip files containing virus…

Hello everyone, I have a problem with eset full disk encryption, in my organization clients have sophos Intercept X Advanced endpoint, and when ı start disk encryption with eset there are alerts by sophos hitman pro that does not permit for encryption…

Hello there... I am facing the following problem: I can not ping nor access shared folders and similar protocols on computers with Sophos Endpoint installed with module "Sophos Intercepct X" enabled, Windows Firewall feature enabled and Windows Firewall…

We getting this alert few days ago. Can somebody help me to understand it legit or not? Thank you in advanced. Endpoint Type: Computer OS: Windows Device: HoKahMunNB Ransomware: uid: 0bcd57bb-ee99-4a28-b0d0-ec76291e25f4 family_id: 8f45804d…

Hi I have the same issue as the users in this thread. https://community.sophos.com/community-chat/f/discussions/108211/rop-exploit-prevented-in-microsoft Our users are trying to use a VoIP tool called VoIPOffice Communicator and Sophos is blocking…

There is one client that does nothing else than reporting WipeGuard preventions. Even for Sophos Processes. What's the use of that feature and log? Initial Detection: WIN-MITRE-Behavioral-TA0040-T1561.002

I have a couple of computers that when downloading, it will stay at 100%. will not allow you to open the file/ will not open "Show in folder".... I can go to my downloads page and I can access it and run the download from there. So after so much troubleshooting…

* Posting here as it touches multiple Sophos products * We currently have a client that are experiencing significant issues since early last week whereby users of the VPN are being intermittently disconnected and a 'cypher' error detailed within the…

J’a

we have a desktop users which is installed the intercept x endpoint. now for these user are facing an issue that when they open a specific link the chrome or edge is getting error pages un responsive. when try with another user from the desktop which…

We are using Intercept X on all of our workstations and I would like to setup a policy where users cannot upload files to any sites. (webmail, online storage, etc.) But I want them to be able to still download from those same sources. Is this possible…

Hi, We have had 2 of these notifications over the past week on two computers days apart. Can somebody please help me to understand this. Many thanks in advance. Endpoint Type : Computer OS : Windows Device : …

Does sophos protect mapped drives on endpoints?

Hi I would like to know about SoPhos process information. Please tell us in detail what function the two processes below perform. 1. SoPhosFilesScanner.exe 2. SSPService.exe

Cryptoguard bloqueando aplicação que o cliente já utilizava. Aplicação de confiança, mesmo marcando como confirmado e como resolvido o mesmo continua impedindo a aplicação.

My feeling is, Sophos does not know about the Intercept-X EAP forums. So I put this to focus here. Maybe one of the Sophos members can bring some light into this issue, it this is on Sophos' screen and will be fixed? https://community.sophos.com/intercept…

Hello I some instances we use Sophos intercept for servers. and it is quite compicated to manage access for Sophos agent to connect to sophos central. In Palo Alto Cortex XDR there is such thing as connetion Broker, that can be installed on prem and…

Well hello there, is there any way to trigger a FileScan from commandline with Intercept X? I know with the old endpoint protection you could use the sav32cli.exe, but i can't find this in the new intercep X agent. Hope some one can help. Greeting …