About Chris05

Chris05 · 06-14-2024

We had an endpoint automatically isolate with a high severity retrospective detection, as per our settings. A couple days later, the same endpoint had another high severity retrospective detection but there was no attempt by the console to automatica...

Chris05 · 04-09-2024

Last night we started getting GT:JS.Hyena.3.x detections on a number of computers. We are continuing to receive them, over 150 machines so far. Anyone else seeing this?

Chris05 · 04-04-2024

I'm searching for details on how adding trusted networks to the remembered devices policy will affect the authentication process. Does it disable mfa when on these networks? It says "always allow authentications on remembered devices", and I'm just...

Chris05 · 06-14-2024

Thank you for this information. We recently had this happen and had to get a technician onsite to unisolate the laptop manually. If it happens again, I'll try start/stopping from the console a few more times.

Chris05 · 04-10-2024

As of now, it still hasn't been confirmed as a false positive. I will post again when we hear back from TAC.

Chris05 · 04-10-2024

Thank you Matthew. Yes, we also opened a TAC case yesterday. Last update was from yesterday afternoon. Hello, Talos is still investigating the issue at hand.Far as the alerts, you can do the following options: Add a "Threat" type exclusion for the s...

Chris05 · 04-10-2024

We also continue to get these - a few hundred more detections throughout the night.

Member Since	‎08-10-2023 07:40 AM
Date Last Visited	‎07-04-2024 01:36 AM
Posts	7
Total Helpful Votes Received	8

User Statistics

User Activity

Automatic Isolation didn't happen with retrospective detection

False positive? GT:JS.Hyena.3 detections

Remembered Devices Policy> Add Trusted Networks

Re: Isolation Issue Not IN Sync

Re: False positive? GT:JS.Hyena.3 detections

Re: False positive? GT:JS.Hyena.3 detections

Re: False positive? GT:JS.Hyena.3 detections