We have had a detection on one of our customers network which is named UNKNOWN and has a SHA of all 0's, it has been quarantined and is creating tickets in the AMP inbox, but there is no way to tell what this is.
Has anyone seen this before and is there any way of looking into this without a diagnostics file being obtained and sent to Cisco TAC?
I have just received an email that looks like the attached (redacted) email telling me that I need to activate my Cisco Security account. What do I do with this?
1. This is an entitlement for a Cisco Security account. It is used ...
As one of the largest security companies in the world, we take great pride in building solutions that many thousands of organizations trust to secure their networks. Small businesses and large enterprises alike rely on Cisco firewalls to keep their organi...
Register for the March 14th webinar at 12pm PT / 3PM ET
Learn how to quickly stop threats by integrating your Cisco Security products:
Sharpen your threat hunting expertise using Umbrella, AMP, Email Security, Threat Grid, and Cisco Threa...
We’ve expanded the capabilities of our Stealthwatch platform to become the first security analytics product to detect threats in unencrypted and encrypted traffic across private networks and public multi-cloud environments.
Learn more here.