07-27-2021 08:51 AM
Getting a stack of DFC Threat Detected for an ip...
205[.]185[.]216[.]42
Its a CDN in Texas...
Talos says it's bad... but its resolving to things like dl.delivery.mp.microsoft.com, etc.
Solved! Go to Solution.
07-27-2021 11:09 AM
View solution in original post
07-27-2021 10:36 AM
Hello @Ken Stieers,talos is already investigating the issue. Should be fixed soon.Greetings,Thorsten
07-27-2021 10:40 AM
It's been 2 hours now since our system picked it up from AMP and Firepower. Is this false positive or for real?
07-27-2021 11:18 AM
Thanks for posting, starting to consider isolating so pleased you posted this as when looking into the detail didn’t stack up.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
