Hi,
I have a keylogger written in Python listening and sending a file containing the keys pressed by the user to an email every time the user presses esc. I want to detect it using Sophos EDR by a query that looks for a process sending a file periodically…
Hello,
just to be sure because the new MacOS Monterey will be released this year, is there a roadmap that Sophos will be compatible with the coming OS (in time)?
Will an EAP be available for the MSP Partners?
Thanks and Regards
Phil
Good morning all, I am beginning to have a serious issue with our PCs since moving over to Sophos Intercept X Advanced. I am beginning to have PCs stop sending their Heartbeat, Sophos Central shows the PC as no longer sending a heartbeat and I believe…
Hi to all,
I have a problem after migrating a client from SEC to Central, the problem is that the client as a message relay stays connected to the old SUM and fails to communicate with the Central Dashboard. Even if I uninstall and reinstall it, it remains…
I am trying to allow an application to run on my system.
I have added the path to the application to the Allowed Applications section under Global Settings. And I have updated the client.
The application is still detected and blocked by the client…
Hello, we have a client that does not appear as a managed computer in Central Admin but has Sophos installed. The client is still in the "unmanaged devices" group. All services are up and the client can get updates.
I remember that we have to re-register…
Good afternoon!
I am working on a query where I would like to essentially perform a "For Each Loop" on the results.
I am not sure what the SQL equivalent is.
Can someone assist me and/or direct me to the proper syntax?
Based on the following query…
Good day everyone!
I am sure we have all seen a few of these pop up in our environments: "Safe Browsing detected browser Google Chrome has been compromised".
My question is, what steps do you take to investigate this alert? There is a rather small…
I have two questions
How do I quickly add quotes in the registry setting for hmpalertsvc entry to change it from this C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe to this “ C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe”?
When will…
Hi,
I'd like to know if anyone else has experienced this yet. I've had 4 customers now with HP Machines that have had issues with their PC performing incredibly slowly (basically unusable), the issue seems to be this new HP Wolf Security Bloatware that…
We would need to set up at least 10 syncs or more per day.
Why?
We are managing Peripheral Control via Sophos but the users are managed via AD, so we need frequent sync of this group.
Any thoughts on how we can manage this?
I just got around this morning to installing Intercept X on one of our web designers' MacBook Pro. Within a few minutes, she reported having issues with Sketch. The SophosCryptoGuardLegacy process would be pegged to 65+% CPU and Sketch would just hang…
Today I have been receiving detections for C2/Generic-A on my Mac clients. The offending process is /usr/libexec/trustd and it is reaching out to IP 104.18.21.226. This IP is owned by Cloudflare and hosts alphassl.com so it seems to make sense that the…
I work at a school where we deployed DeepFreeze to laptops that were given to students for the purpose of online classes. These were also provisioned with Sophos Intercept X to monitor and restrict web access which is really more important to us than…
Hello everyone,
I have two Windows Servers that report the HitmanPro.Alert service as Stopped.
Once I open windows services and try to manually start it I get this message:
"Windows coul not start the HitmanPro.Alert service service on Local…
Hi everyone, I'm migrating my clients from Sophos Enterprise Console to Sophos Central. I have no problems migrating main office computers, I have problems with branch offices that have a Remote Update Manager. I'm following this guide which seems pretty…
Hi Community,
Recently some employees asked for VPN remote access from home to certain applications in our company data center via their personal mobile phones. Is there any solution to check the security of that device (e.g. is there any…
Hello,
I've noticed that a new tab has been added recently for 'Unmanaged devices' in computers and servers, but the page doesn't get anything and loading keeps on with no items were found.
Does anyone else get 10+ threat cases created for a single detection? For example, Sophos picked up some phishing from Outlook and generated 10+ threat cases:
I don't think the user would try 10 times to open this email attachment. Anyone have…
Hey guys,
we recently ran into an issue on MacOS Big Sur and within "system preferences" --> "Security & Privacy" --> "Privacy" --> "Files & Folders", possibly related to the presence of Intercept X for MacOS, as we don't see that strange behaviour…
Hello, we have the license for Intercept X Advanced which 600+ users are using. A month ago I started the trial for Intercept X Advanced with EDR on the same central account, all the machines switched to the trial license, now that the trial ended…
There appears to be a delay between when an event happens on a server or endpoint and when I can run a live discover query on that data in the data lake. How long does it take for the Sophos agent to synchronize or upload its data to the data lake?