Hi all,
This article provides details on how to avoid RDP brute force attacks with Sophos UTM. Please see below for details:
Sophos UTM: How to avoid RDP brute force attacks
Regards,
Hello,
First, sorry for my English, you know French guys don't speak English correctly x) .... I have an alert on Sophos UTM 9 in Network Protection, Advanced Threat Protection:
source IP: (my DNS server) destination IP address: mrdistrupd…
We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesn't give much information.... is there a good chance these hosts are infected? Sophos Cloud AV…
Hi,
I had 2 attacks blocked, it is a bummer that I can't drill down on the actual text, but I found more detail in the "Network Protection" menu under "IPS: Top Blocked Attacks"
I can figure out the host inside that tried to send the packet out…