11-02-2023 03:07 PM
Hi,
Our website, electask.com, was recently cleared of a false positive by CDRF and now has 0/90 vendors on VirusTotal flagging us as malicious. Can you please reduce our risk level?
Best,
Max
11-06-2023 04:09 PM
here is the response from our internal engineering team.
This domain was released as high-risk on 10/12/2023 as we observed the malicious child URL electask[.]com/k56b (VT 7 hits) on the same day. Our standard policy is to re-evaluate the risk level 30 days after the last release (i.e. 11/12/2023) and lower the risk if the malicious URL(s) are no longer present. However, I manually analyzed the domain and since the malicious URL is cleaned now, we lowered the risk to low-risk now.
==========
electask.com is now Low Risk
11-02-2023 03:15 PM
This is not the place for these types of requests. This is for files and for non-customers to request a verdict change for their files.
The reason you are seeing a high risk by Palo Alto Networks is due to this URL being deemed malware:
electask[.]com/k56b
You can do a Request Change here:
https://urlfiltering.paloaltonetworks.com/
We will then do a manual review of the URL.
11-02-2023 03:17 PM
Thank you. https://www.electask.com/k56b just directs to a 404. I'll submit a review
11-02-2023 03:21 PM
Hi Dabone,
When I submit a request it gives me the following message:
11-02-2023 03:23 PM
Are you a Palo Alto customer? If so, open a TAC case. If not, you can do the Request Change, and if it is changed, the Risk level will be lowered after ~30 days.
11-02-2023 03:28 PM
I am not a customer. Is there anyway to get it faster than 30 days? Our customers use PANW and it’s impacting our business
11-02-2023 06:39 PM
Hello,
I have engaged our internal PANDB team to review this issue.
Here is a link to the ticket for reference. This is not a public facing domain. This is for reference for those that can assist with any updates. This could take a couple of working days for a response.
PDE-2806
11-03-2023 05:34 AM
You're awesome. Thank you very much for the help!
11-06-2023 09:57 AM
Hi DaBone,
I'm still seeing us as "high-risk." Is there any update on your end? Thank you again very much for looking into this.
Best,
Max
11-06-2023 02:44 PM
I inquired from the engineers about the progress on this issue.
11-06-2023 04:09 PM
here is the response from our internal engineering team.
This domain was released as high-risk on 10/12/2023 as we observed the malicious child URL electask[.]com/k56b (VT 7 hits) on the same day. Our standard policy is to re-evaluate the risk level 30 days after the last release (i.e. 11/12/2023) and lower the risk if the malicious URL(s) are no longer present. However, I manually analyzed the domain and since the malicious URL is cleaned now, we lowered the risk to low-risk now.
==========
electask.com is now Low Risk
11-06-2023 04:19 PM
You all are awesome! Thank you so much!
Max
11-06-2023 04:28 PM
You're very welcome; we are happy to help.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
