Can someone help reclassify my webpage? (details in post)

Have a website, website was incorrectly classified by CRDF. Got in touch with CRDF, had them correct their classification. Meanwhile, 10 security vendors had piggybacked on the incorrect classification, ArcSight thread intelligence among them. Tried calling support, sending emails to arcsight-virustotal@microfocus.com and mfi-cyberresarcsightsales@opentext.com, tried using the contact forms, but haven't got a reply.

9 out of the 10 security vendors were able to receive and respond to a false positive report within 1 week, but opentext has not and it's been months.

This causes companies who integrate with us to see a huge red banner in MS Edge since Microsoft Defender SmartScreen uses data which contains the report from ArcSight Threat Intelligence.

This site has been reported as unsafe

How can I report this in a manner so that you will fix your incorrect classification of "Suspicious"?

Virustotal scan: https://www.virustotal.com/gui/url/164248c4b08e36070dfdbae6a849b4fc079a7e7501ea2015a1922f913c93d016

CRDFs reclassification decision: https://threatcenter.crdf.fr/false_positive.php?ref=20240411303024

Thanks!

Parents
  • 0

    Hi Tarald,

    i am very sorry for the inconvenience this has caused to you. I have now reached out to my research team to look at it. Regardless what the result is, i will update you here once i got a reply from them.

    Please give me over the weekend and i will revert on this,

    Thanks,

    MS

  • 0 in reply to 

    Hi Markus,

    I very much appreciate that, thanks in advance!

    - Tarald

  • Verified Answer

    +1   in reply to 

    Hi Tarald,

    i am replying with my new/correct forum account now. Your request should have been successfully implemented and your evaluation is corrected now.

    Please let me know if you can see it has changed.

    Sorry for the delay and inconvenience that meant to you. I am trying to get better at responding more in time to those community posts.

    Have a great day,

    MS

    Sr. Product Line Manager |  ArcSight Threat Intelligence
    OpenText Cybersecurity

  • 0 in reply to   

    Hi ,

    One of our websites has been flagged as "Suspicious" by ArcSight Threat Intelligence, which has had a significant negative impact on our business. We urgently need assistance to address this issue. Could you please contact me at szymon.splawski[at]locon.pl so I can provide more detailed information? I am unable to share specifics here to protect our business secrets and avoid potential losses for our client.

    Thank you for your understanding and prompt attention to this matter.

    Best regards,
    Szymon

  • 0   in reply to 

    Hi Szymon,

    thanks for reaching out! Have you triggered the VirusTotal false positive process? We need to handle it this way so that we can ensure both, WE in our source data and VirusTotal on their backend do the needful to change your evaluation.

    Once you triggered the process on your end, we receive a notification from the VT process and start working on it.

    In case you have triggred this during the last 1-2 days, then we likely have already received your inquiry and already work on it.

    We can verify once you triggered on VT site. Just sent me a personal message with the domain in question and i can verify.

    Thanks,

    Markus

    Sr. Product Line Manager |  ArcSight Threat Intelligence
    OpenText Cybersecurity

Reply
  • 0   in reply to 

    Hi Szymon,

    thanks for reaching out! Have you triggered the VirusTotal false positive process? We need to handle it this way so that we can ensure both, WE in our source data and VirusTotal on their backend do the needful to change your evaluation.

    Once you triggered the process on your end, we receive a notification from the VT process and start working on it.

    In case you have triggred this during the last 1-2 days, then we likely have already received your inquiry and already work on it.

    We can verify once you triggered on VT site. Just sent me a personal message with the domain in question and i can verify.

    Thanks,

    Markus

    Sr. Product Line Manager |  ArcSight Threat Intelligence
    OpenText Cybersecurity

Children