topic Threat 576037320 in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-576037320/m-p/535631#M1890 <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">Hi Team,</SPAN></SPAN></P> <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">Threat 576037320 was released in one of the recent anti-virus definitions and we were wondering if we could get some more information as to why the domain of "<A href="http://wvtc.com" target="_blank" rel="noopener" data-aura-rendered-by="71562:0">wvtc.com</A>" was flagged as malicious. This domain belongs to one of our customers and we frequently send emails to this domain from one of our services. When the domain was flagged as a threat,</SPAN></SPAN></P> <P>&nbsp;</P> <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">We put in a DNS signature exception to our anti-spyware profile to allow this traffic through for now but would like to understand why this domain was deemed malicious in the first place.</SPAN></SPAN></P> Fri, 24 Mar 2023 04:25:25 GMT vij 2023-03-24T04:25:25Z Threat 576037320 https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-576037320/m-p/535631#M1890 <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">Hi Team,</SPAN></SPAN></P> <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">Threat 576037320 was released in one of the recent anti-virus definitions and we were wondering if we could get some more information as to why the domain of "<A href="http://wvtc.com" target="_blank" rel="noopener" data-aura-rendered-by="71562:0">wvtc.com</A>" was flagged as malicious. This domain belongs to one of our customers and we frequently send emails to this domain from one of our services. When the domain was flagged as a threat,</SPAN></SPAN></P> <P>&nbsp;</P> <P><SPAN class="test-id__field-value slds-form-element__static slds-grow " data-aura-rendered-by="71570:0"><SPAN class="uiOutputTextArea" data-aura-rendered-by="71560:0" data-aura-class="uiOutputTextArea">We put in a DNS signature exception to our anti-spyware profile to allow this traffic through for now but would like to understand why this domain was deemed malicious in the first place.</SPAN></SPAN></P> Fri, 24 Mar 2023 04:25:25 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/threat-576037320/m-p/535631#M1890 vij 2023-03-24T04:25:25Z