all InfoSec news
Emotet alert on SIEM ! | Closed as false positive ?! | Are we being tricked ? |
April 2, 2022, 10:37 a.m. | /u/Agent_B99
cybersecurity www.reddit.com
Source IP was ok but Destination IP was flagged as malicious by 17 vendors on VirusTotal although SpamHause got no results as malicious.
The Virustotal community talked about Emotet and RCE so I reported the alert to my superiors.
They closed it after 1 hour as a false positive with the comment that " destination IP is a religious site in Serbia " …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India