Getting a bunch of Gateway AV alerts in the last half hour - sig 22097568
Gotten this from two machines in the last half hour, searching the SW sig database shows no results.
09/21/2022 22:24:21 - 809 - Security Services - Alert - 188.8.131.52, 80, X1 - 192.168.1.68, 56574, X0 - Gateway Anti-Virus Alert: (Cloud Id: 22097568) Dropper.GEN (Trojan) blocked.
virus scans on the machines are clean, and the three sets of alerts are to CDNs:
184.108.40.206 is limelight.com
220.127.116.11 is edgecast.com
18.104.22.168 is stackpath.com
This feels like a false positive to me? Any other users seeing this? Any thoughts?