Hi everyone, looks like I have a similar situation to a few people.
NO Windows machines on the network, just OSX and Linux (QNAP). Woke up to over 1400 emails regarding ATP C2/Generic-A. But the originating seems to be from AFCd? Any idea what this is?
Googling has given me no ideas. Any ideas anyone?
I also had this on all of my Appliances.
For me it seems that they are trying to resolve these domain names at all available IPs, like scanning for open resolvers, and since the domain is in ATP there's an alert.