- April 6, 2021: Forensics integrated into Findings.
The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. It means that a company’s network is hosting malware that is meant to lure visitors to a website or to send a file that injects malicious code or viruses.
*Availability varies based on the detection mechanism.
The domain name of the affected server, which is likely the C&C server or a sinkhole. A device acting as part of a botnet was seen communicating with this server.
This field occasionally lists a non-malicious domain, which the malware uses to evade firewall filtering.
| Listening Port | This port was observed to be open and accepting traffic (listening) on the compromised device. |
| Protocol | The network protocol used in the communication attempt. |