Microsoft URL being DNS sinkholed suddenly?

Reply
Highlighted
L0 Member

Microsoft URL being DNS sinkholed suddenly?

Has anyone else started getting DNS sinkhole threat alerts for the below domain? About half a day ago I started getting a tonne of sinkhole alarms from our PA for this URL. It looks to be a legitimate Microsoft domain and IP. In the PA threat log it comes up as Spyware.

 

skypedataprdcolase04.cloudapp.net

 

The PA threat vault shows the below:

BStojceski_0-1591526540792.png

Anyone else seeing this and any word of why it is happening? I'm getting alerts all day and from a whole lot of different internal hosts.

 

Thanks


Accepted Solutions
Highlighted
L0 Member

It seemed to eventually stop itself overnight. I did notice the threat ID disappeared from the threat DB a couple of hours before my post, so maybe it took time for the PA's to sync and stop triggering alerts? Seems to be OK now.

View solution in original post

Tags (1)

All Replies
Highlighted
L0 Member

Same here, alerting around every 10 to 15 minutes. 

Highlighted
L0 Member

i have got the same  thing to today , was it solved from your end .

 

all seem legit for me .

Highlighted
L0 Member

It seemed to eventually stop itself overnight. I did notice the threat ID disappeared from the threat DB a couple of hours before my post, so maybe it took time for the PA's to sync and stop triggering alerts? Seems to be OK now.

View solution in original post

Tags (1)
Highlighted
L6 Presenter

The DNS Security signature was disabled on 06/05/2020 14:22 PDT, and the Anti-Spyware DNS signature is no longer present with 06/07's release of the Antivirus package version 3372-3883. Please upgrade to this version (or later) to have the signature removed.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!