Signature 2039775 -- Should it be Critical Severity?

Reading Cyble’s write-up of the threat detected by signature 2039775, it sounds as though the traffic being matched is generated by malware once it’s running on an endpoint. As such, shouldn’t it be of “Critical” severity instead of “Major”?

1 Like

Hey @samjenk - You’re definitely right on this one. I’ve updated the severity and the changes will be reflected in today’s release. It’s always great to hear that community members find the metadata and references useful :smiley_cat: !


1 Like

Couldn’t do my job without them!

Thanks for getting that updated, @ishaughnessy.