
C2/Generic-A on SG Firewall from Windows Server

Hello,

An SG 135 reports malware(?) from our domain controller.

Is this another false alarm? The local Sophos virus scanner shows nothing.



Advanced Threat Protection

A threat has been detected in your network
The source IP/host listed below was found to communicate with a potentially malicious site outside your company.

Details about the alert:

Threat name....: C2/Generic-A
Details........: www.sophos.com/.../C2~Generic-A.aspx
Time...........: 2022-10-20 09:17:46
Traffic blocked: yes

Source IP address or host: 192.168.10.x

--
System Uptime : 25 days 12 hours 33 minutes
System Load : 0.28
System Version : Sophos UTM 9.711-5

Please refer to the manual for detailed instructions.

The send limit for this notification has been reached. No further notifications of this type will be sent during this period.



This thread was automatically locked due to age.
  • Almost certainly a false-positive, Chriz. I've seen two sophos.com links identified as malicious recently - a kid working at a competitor, I guess.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA