FYI to other bussines customers, I've already opened two support tickets requesting that Webroot verify they are blocking all MD5s and FQDNs that Mandiant released in their APT1 report.
http://intelreport.mandiant.com/
I will update this post once I have confirmation.
EDIT: Webroot has confirmed they have been blocked. Before I opened the ticket, I tried adding a bunch to overrides and Webroot was already blocking quiet a few of the MD5s already. Nice job.
Answer
Support ticket regarding Mandiant APT1 MD5s/FQDNs
+6Best answer by explanoit
Webroot has confirmed they have been blocked. Before I opened the ticket, I tried adding a bunch to overrides and Webroot already knew about quite a few of the files and already had them as malicious.
---------------------------------------- Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise administrator over 2000 clients First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester Find me on Twitter!
+6Webroot has confirmed they have been blocked. Before I opened the ticket, I tried adding a bunch to overrides and Webroot already knew about quite a few of the files and already had them as malicious.
---------------------------------------- Business Products Sr. Community Leader and Expert Advisor - WSA-Enterprise administrator over 2000 clients First company to 1000+ WSA endpoints | Power User / Business Ambassador / WSA-C and WSA-E Beta tester Find me on Twitter!
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.