Gateway Antivirus Alert problem with Epson printer file
Good evening, I am receiving several alerts from the nsa 2650 firewall that detect a probable threat present on a station. Specifically, the threat refers to the epson printer driver package present in the spool folder of the PC on which an epson printer is installed and shared with other users. The nod32 does not detect any anomalies as well as the scan of the files carried out on virustotal. Below is an example log. I still had to disable port 445 on the pc as it was trying to contact a target pc related to a user connected to the company vpn. Log: 17:27:22 Sep 02 1460 Security Services Inform Gateway Anti-Virus Status: CloudAV Detection. File forwarding to Sandbox truncated for filename: x64 \ 3 \ E_YUBVME.EXE. 192.168.100.22, 445, X0 192.168.168.101, 59224, X1 tc
Category: Capture Security Center
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.