About noahigros

noahigros · 01-23-2024

In the last hour I've been receiving an uptick of alerts for w32.4173FC5A68.infostealer-psexec.talos.sso with the file path: File PathWscript.exefile:///C%3A/Windows/System32/Wscript.exeSome of the alerts have different command line arguments but the...

noahigros · 10-05-2023

Good afternoon, we are using Cisco AMP with our connector version being 8.2.1.21612 and are receiving numerous alerts for a filename Base64JS.min.js. Is anybody else experiencing this? Previously we had a widespread issue with a smss.exe parent proce...

noahigros · 01-23-2024

Update: Confirmed False Positive. Please see attached response from Cisco.

noahigros · 10-06-2023

Agreed, and we greatly appreciate the help from the Cisco team.

noahigros · 10-06-2023

Absolutely agree.

noahigros · 10-06-2023

Final thoughts,although we now have an accepted solution, for future reference you can also create an exclusion for events like this and apply it to your group policies. I personally don't tend to do that, as there is always the possibility of these ...

noahigros · 10-05-2023

For the retrospective quarantine attempt failure, that's a confusing feature. SEP will quarantine the initial event, but until the event is marked as resolved, it will continuously monitor it as still being present and search for the signature that n...

Member Since	‎09-12-2023 11:07 AM
Date Last Visited	‎02-23-2024 12:04 AM
Posts	12
Total Helpful Votes Received	5

User Statistics

User Activity

infostealer-psexec.talos.sso

Base64JS.min.js

Re: infostealer-psexec.talos.sso

Re: Base64JS.min.js

Re: Base64JS.min.js

Re: Base64JS.min.js

Re: Base64JS.min.js