We have issues with our e-mails being delayed to servers using symantech and messagelabs.com.
I found the previous post: https://www.symantec.com/connect/forums/emails-being-rejected-delayed-filtered-messagelabs
which suggests e-mailing email@example.com and submitting e-mails for investigation; however, this e-mail sends a kickback anytime I try sending samples. How do we get this issue corrected??
We are experiencing a strange DDOSBotnet DDOS attack from inside our network.
Tries to login with a NULL SID attack (as ancient as that is) with about 15 or so attempts in a second. Then it pulls another user and machine from AD and runs the same attack over again. Of ourse, the attack fails from a login perspective but does keep the server busy for a bit. Appears to be an APT but uses the stupid Null SID attack to try to login. Again this is like an internal botnet with one machine after another trying the Null Sid resulting in a 4625 being logged in my Windows server Security auditing failed events log.
Its as though our whole network is executing this attack against this one server one worstation at a time. Whatever this is it was not caught by SEP in any way. Same thing with Malware Bytes
Thanks for any ideas!