Getting a bunch of Gateway AV alerts in the last half hour - sig 22097568
Gotten this from two machines in the last half hour, searching the SW sig database shows no results.
09/21/2022 22:24:21 - 809 - Security Services - Alert - 184.108.40.206, 80, X1 - 192.168.1.68, 56574, X0 - Gateway Anti-Virus Alert: (Cloud Id: 22097568) Dropper.GEN (Trojan) blocked.
virus scans on the machines are clean, and the three sets of alerts are to CDNs:
220.127.116.11 is limelight.com
18.104.22.168 is edgecast.com
22.214.171.124 is stackpath.com
This feels like a false positive to me? Any other users seeing this? Any thoughts?