We see many false positives in the compromised hosts list, to the point where it makes the list almost useless. Most of them seem to be legitimate web advertising that is detected as Malware CnC. The most common of these is assets.ubembed.com and <randomstring>.js.ubembed.com.
Is there some workaround to whitelist these or otherwise reduce the number of false positives?
Working with a customer with some serious issues, this is really annoying that these show up if not updating. As said, better if you just simply turned the feature off than report false positives constantly. Really annoying.