Hi Alex...
I've whitelisted the two sigs... until they fix them.. so that might help a
little.
Cheers,
Steve
Twitter: @sanesecurity
On 28 April 2018 04:23:51 Alex wrote:
Hi,
I can't imagine outright blocking https://goo.gl is not a mistake.
MBL_6882958 and
Hi,
I can't imagine outright blocking https://goo.gl is not a mistake.
$ sigtool --find-sigs MBL_6888621 | sigtool --decode-sigs
VIRUS NAME: MBL_6888621
TARGET TYPE: ANY FILE
OFFSET: *
DECODED SIGNATURE:
https://goo.gl
MBL_6882958 and MBL_6888621 both hit on https://goo.gl.
I've reported this