Skip to main content
FYI to other bussines customers, I've already opened two support tickets requesting that Webroot verify they are blocking all MD5s and FQDNs that Mandiant released in their APT1 report.

 

http://intelreport.mandiant.com/

 

I will update this post once I have confirmation.

 

EDIT: Webroot has confirmed they have been blocked. Before I opened the ticket, I tried adding a bunch to overrides and Webroot was already blocking quiet a few of the MD5s already. Nice job.
Webroot has confirmed they have been blocked. Before I opened the ticket, I tried adding a bunch to overrides and Webroot already knew about quite a few of the files and already had them as malicious.

Reply