- User hit a Neutrino exploit kit.
- See the following for an example of a successful attack:
- This isn't a false positive. It correctly detects that a user has stumbled into an exploit kit.
- It is a low probability indicator of compromise by itself.
- Checked and verified that the user clearly has the latest flash version.
- Second hit was same as a above.
- Alarming on a single EK hit is questionable.
- This was a single hit with no additional suspicious or new alarms.
- Second hit, same as above.
- No action.