Alert on Security Centre -

SCC
Building a reputation

Alert on Security Centre -

Hi Team,

I like to know we are seeing these prevalent threats under Meraki Security Center.

 

Win.Trojan.FANCYBEAR variant binary download attempt

 

Suspicious .top dns query

 

How to resolve these issues.

 

1 REPLY 1
CptnCrnch
Kind of a big deal

Somebody within your environment seems to have received a malicious attachment (possibly) that tries to download some nasty stuff from the internet. Malware nowadays almst never comes in its "pure" form, but rather an innocently looking Office document that by using Macros and Powershell will download the "real" malware.

 

You should therefore take a look at which machine is causing these threats and have your endlpoint team take a look at what's happening on that box.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels