This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

crl.verisign.com Threat Protection false positives?

Hi all,

We are seeing an increase in ATP notifications just today, in relation to *crl.verisign.com

This seems like its a certificate look up? Mulitplie UTMs are reporting this same threat with different clients, we have run malware bytes and full system AV scan and can't seem to find anything.

The one PC we did find a trojan, we have cleared and just now it has said the same IP tried to get to the same site? the Reason is both DNS and Proxy...


This thread was automatically locked due to age.
Parents
  • Many hours and 16 responses later...

    still no answer from sophos... -.-

    the new sophos board sucks... :-( please give us the old one back.

  • Guys, these are false alarms, and it's not dependent on the version of UTM firmware (triggers on 9.207, 9.206, and 9.205).  I've already started a case with Sophos, they have responded, and will likely be updating the ATP pattern DB at some point to fix this.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • Guys, these are false alarms, and it's not dependent on the version of UTM firmware (triggers on 9.207, 9.206, and 9.205).  I've already started a case with Sophos, they have responded, and will likely be updating the ATP pattern DB at some point to fix this.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data