Malware Server Findings

Ingrid

The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. A company’s network is hosting malware that is meant to lure visitors to a website or send a file that injects malicious code or viruses.

Navigation Options

SPM App: Findings ➔ Findings Table
CM App: Select a company from your Companies List. Go to Vendor Risk ➔ Findings
Insurance App: Select a company from your Companies List. Go to Client Risk ➔ Findings
Bitsight API: GET /v1/companies/entity_guid/findings?risk_vector=malware_servers

Finding Details

*Availability varies based on the detection mechanism.

The details include the data in Findings, Compromised Systems details, and also the following information:

| Field | Description |
| --- | --- |
| C&C Domain* | The domain name of the affected server, which is likely the C&C server or is a sinkhole. A device acting as part of a botnet was seen communicating with this server. To evade firewall filtering, this field occasionally lists a non-malicious domain. |
| Listening Port | This port was observed to be open and accepting traffic (listening) on the compromised device. |
| Protocol | The network protocol used in the communication attempt. |

October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
January 19, 2024: Navigation by application.
April 6, 2021: Forensics integrated into Findings.