02-18-2025 06:07 AM
After a recent update to MalwareBytes Cortex XDR is now detecting and blocking it.
Has anyone else seen this, and is there a was to allow the MalwareBytes Digital Signature? I prefer not to have to allow the hash for each version.
02-18-2025 09:41 PM
Hello @GaryM ,
I would suggest you to first have a TAC case opened to confirm the reputation of the detection. This may be post-detection alert, this kind of alert triggers when a benign file is allowed to run in an environment but later the verdict gets changed to malware in the cloud. Please refer to the Wildfire Post-Detection (Malware and Grayware) in the below document. https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-pro-admin/endpoint-security/endpoint-...
TAC can help you to identify and correct the reputation. If it is legitimate malware detection, and you want to accept this risk, you can go with exception configuration.
If you feel this has answered your query, please let us know by clicking on "mark this as a Solution". Thank you.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
