Malicious SSL certificate linked to Dyre malware from Cloudflare IP

The SIEM product I use generates alarms based on a connection from a Cloudflare IP address which uses a Malicious SSL certificate. The certificate is linked to Dyre malware and uses a certificate from November 2015 so has expired.

Has anyone experienced something similar to this or suggest a possible reason for this?

Thank you for any help or thoughts!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.