Sha 256 e5dccb33478bf13629d0a3f0ba7daceb56d7792e0132886ed129334ec6bb2a33 detected by MAP and convicted as W32.MAP.Ransomware.rwd. Found this post https://quickview.cloudapps.cisco.com/quickview/bug/CSCvq59864, my Connector version is 7.4.1.20439. N...
What is the login URL for Cisco CSE?I know, it seems like a silly question. Hear me out:I've been using:https://console.amp.cisco.com/When I login, using the above url, sometimes it takes me to Cisco CSE;Sometimes it takes me to the Cisco Applicatio...
Dear Cisco Support Team,after upgrading to Cisco Secure Endpoint 8.4.4.30419 PowerShell Scripts/Command are blocked for 5 secondsEnvironmentWindows 11 24H2Steps to reproduceOpen PowerShell ISECreate a PowerShell Script and save it as TestExecutionDur...
We are currently in the process of planning a bulk uninstallation of Cisco Secure Endpoint across multiple systems in our environment. We would appreciate your assistance in providing guidance, best practices, and any recommended tools or scripts to ...
What is the method to remove the orphaned libcurl.dll and folder?
Would like assistance , we need to decommission this asa firewall, however I have no idea what and how everything works.need to collect the routing table , and match to current Fortigate firewall and make sure everything is there on the forti then I ...
Currently, in order for users in our organization to authenticate to our secure wifi, they are prompted for their windows AD creds, and if they authenticate successfully, and their machine has the ISE radius certificate, then the user is allowed to a...
Hi,I'm trying to install Cisco Secure Endpoint 8.4 version however I get message that "Upgrading from Secure Endpoint connector versions prior to 6.3.1 is not supported. Uninstall the old connector then install the new version."All related folders in...
Hey, I'm using Cisco Secure Endpoint and the Exploit Prevention engine recognize the KUTOOLS for EXCEL as "shellcode". I found this bag: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn30806 It's says that Engineering is working on permanent fix, ...
Seeing a lot of duplicate names/IPS, we use an imaging software for the physical environment and not sure what the best practice is to make sure the machines are getting the correct name/IP for the AMP dashboard. I have found an article for the VDI e...
We are having an issue where AMP has given multiple computers the same GUID ID. We have tried deleting the local.xml and local.xml.old files and restarting the service with no luck. I just saw that the v3 of the API has the ability to uninstall the c...
Amp service would not start. I removed AMP from the Workstation. Tried to reinstall it after a reboot. Now it thinks I am trying to upgrade from an old version. What needs to be clean off so that it does not think an old version of Amp is installe...
Hi Team,Are there any post apis to generate events? I want to use /v1/events api to pull those events.
Recently I've been noticing a higher than usual Secure Endpoint exploit prevention events sourcing from browserhost.exe which is part of McAfee WebAdvisor. Is anyone else seeing these exploit prevention events?
