Sophos found threat
Posted: 04 Jun 2024 09:56
Hello,
My Sophos endpoint found the following threat:
Disrupt_2a (T1574.002) found in C:\XYplorer\XYplorer.exe
From the Sophos KB:
"The "Disrupt" detections are related to our Adaptive Attack Protection. These typically indicate an active, hands-on attack within your environment. Please see the knowledgebase article at https://support.sophos.com/support/s/ar ... uage=en_US and take immediate action".
For now I've disabled Adaptive Attack Protection and set an exclusion for the C:\XYplorer folder.
Can you investigate this?
Thanks in advance
Best regards
Davide