A knowledge base article about "Why did I get a Compromised Host / Possibly Compromised System notice and what should I do?", provided by the UC Berkeley IT Service Hub - Knowledge Portal.
The Information Security Office (ISO) operates several "Intrusion Detection Systems" (IDS) to detect and respond to security incidents involving computers connected to the campus networks, including wired, wireless, and remote connections.
These systems monitor and analyze network traffic and generate alerts. Alerts are reviewed by ISO security analysts and, if warranted, notifications are sent to endpoint device owners for investigation and remediation.
Did you receive an email from security@berkeley.edu with "Compromised Host / Possibly Compromised System" in the Subject line?
Please see our Respond to a Security Notice page for detailed information and instructions on how to respond.