Hi all, anyone else getting a ton of security alerts?
I have been smashed with hundreds of alerts for Malware detected in the last 12-24 hours - almost all my protected endpoints reporting.
I have tried to mark as trusted, tried to add to global whitelist but so far no luck.
And there appears no quick way to pause or stop alerts, it is 7am and within 30 mins my phone will start ringing from clients with pop ups, it is going to be one of those days…
To me, this has to be addressed at the scanning/signature level, where is the monitoring or valkie report ?
Should I mention no easy way to trace or mark as safe from emails/tickets ?
Cheers
mcfproservices
New ticket #7927 created
| From: | Greg xxxxxxxxxxxxxxxxxxxxx |
| Department: | Support |
Type of ticket creator: monitoring
Event Created at: Mon Mar 21 20:12:57 2022 GMT+0
Device Name: cad4
Logged on User: ReXXXXXXly
Data: Malware Handled Monitor : Malware detected: C:\ProgramData\Package Cache{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditio nal_x86\cab1.cab, Malware@#nka6x1mu4xvu, Detect AND Malware Handled Monitor : Malware handled: C:\ProgramData\Package Cache{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}v12.0.21005\packages\vcRuntimeAdditio nal_x86\cab1.cab|F_CENTRAL_mfc120_x86, Malware@#nka6x1mu4xvu, Quarantine
AND
Type of ticket creator: monitoring
Event Created at: Mon Mar 21 20:18:25 2022 GMT+0
Device Name: STXXXX7 LXXXX
Logged on User: N/A
Data: Malware Handled Monitor : Malware detected: C:\Windows\Installer\d296.msi, Malware@#3r5p0ww1mj4ph, Detect AND Malware Handled Monitor : Malware handled: C:\Windows\Installer\d296.msi|cab1.cab|HPSFReportE xeConfig, Malware@#3r5p0ww1mj4ph, Quarantine