Devices in use: sg105, sg135, sg430
Firmware v9.505-4
Late yesterday all my UTMs started sending notification of attempts to contact a known malware C&C server. The advanced threat protection alert describes the attempted domain name as alpha.isp-platform.com. That DNS name translates to IP 192.81.134.54. Can anyone else corroborate this? I can not find any indication via web search that this is a malicious server. Is this a legitimate problem or a false positive by Sophos?
Thanks,
D
This thread was automatically locked due to age.