Is anyone else seeing ATP alerts for the IP 192.229.211.108? It looks like it's a Digicert server, so I'm hoping it's a false alarm.
Steve
Others are reporting this: https://www.reddit.com/r/sophos/comments/12ddqns/an_attempt_to_communicate_with_a_botnet_or/
We're also seeing tons of ATP alerts that appear to be valid DNS requests to 8.8.8.8 , 1.0.0.3, 208.67.222.222 etc.
Anyone else?