We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesnt give much information.... is there a good chance these hosts are infected? Sophos Cloud AV…

Hi, I had 2 attacks blocked, it is a bummer that I can't drill down on the actual text, but I found more detail in the "Network Protection" menu under "IPS: Top Blocked Attacks" I can figure out the host inside that tried to send the packet out…