https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44491#M32651 <HTML><HEAD></HEAD><BODY><P style="margin-bottom: .0001pt; background: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;">At this time, only antivirus signatures for PE viruses (<SPAN class="GINGER_SOFATWARE_correct GINGER_SOFATWARE_noSuggestion">executables</SPAN>) are in the threat vault, aside from the vulnerability and anti-spyware signatures.&nbsp;&nbsp; These signatures are in the ID range of 2M – 3M. To find out additional information on the malware that the PE antivirus signatures trigger, you can search the threat vault by signature ID or name,&nbsp; There is no additional information available in the threat vault aside from what is already shown in the threat details dialog in PAN-OS.</SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;"> </SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;">We are working on a threat vault enhancement that will show additional signature types later this year. There is no firm release date for this enhancement at this time.</SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;"> </SPAN></P><P><SPAN style="color: #3b3b3b; font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;">However, if the information for a detected virus on the Palo Alto Networks firewall is not available in the Threat Vault. Please follow below mentioned documents.</SPAN></P><P><SPAN style="color: #3b3b3b; font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;"><BR /></SPAN></P><P><A href="https://live.paloaltonetworks.com/docs/DOC-5316">How to Find Virus Details if Not Available in the Threat Vault</A></P><P><A href="https://threatvault.paloaltonetworks.com/" title="https://threatvault.paloaltonetworks.com/">https://threatvault.paloaltonetworks.com/</A></P><P></P><P>Thanks</P></BODY></HTML> Tue, 03 Sep 2013 16:39:32 GMT HULK 2013-09-03T16:39:32Z https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44490#M32650 <HTML><HEAD></HEAD><BODY><P>Is anyone else seeing this Virus threat ID trigger? It appears to be a false positive, but I cannot find any description in the threat vault. </P></BODY></HTML> Tue, 03 Sep 2013 15:23:02 GMT https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44490#M32650 jam1 2013-09-03T15:23:02Z https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44491#M32651 <HTML><HEAD></HEAD><BODY><P style="margin-bottom: .0001pt; background: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;">At this time, only antivirus signatures for PE viruses (<SPAN class="GINGER_SOFATWARE_correct GINGER_SOFATWARE_noSuggestion">executables</SPAN>) are in the threat vault, aside from the vulnerability and anti-spyware signatures.&nbsp;&nbsp; These signatures are in the ID range of 2M – 3M. To find out additional information on the malware that the PE antivirus signatures trigger, you can search the threat vault by signature ID or name,&nbsp; There is no additional information available in the threat vault aside from what is already shown in the threat details dialog in PAN-OS.</SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;"> </SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;">We are working on a threat vault enhancement that will show additional signature types later this year. There is no firm release date for this enhancement at this time.</SPAN></P><P style="background-color: white;"><SPAN style="font-size: 10.0pt; font-family: 'Helvetica','sans-serif'; color: #3b3b3b;"> </SPAN></P><P><SPAN style="color: #3b3b3b; font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;">However, if the information for a detected virus on the Palo Alto Networks firewall is not available in the Threat Vault. Please follow below mentioned documents.</SPAN></P><P><SPAN style="color: #3b3b3b; font-family: 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;"><BR /></SPAN></P><P><A href="https://live.paloaltonetworks.com/docs/DOC-5316">How to Find Virus Details if Not Available in the Threat Vault</A></P><P><A href="https://threatvault.paloaltonetworks.com/" title="https://threatvault.paloaltonetworks.com/">https://threatvault.paloaltonetworks.com/</A></P><P></P><P>Thanks</P></BODY></HTML> Tue, 03 Sep 2013 16:39:32 GMT https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44491#M32651 HULK 2013-09-03T16:39:32Z https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44492#M32652 <HTML><HEAD></HEAD><BODY><P>Thanks Hulk.</P></BODY></HTML> Tue, 03 Sep 2013 17:05:08 GMT https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44492#M32652 jam1 2013-09-03T17:05:08Z https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44493#M32653 <HTML><HEAD></HEAD><BODY><P>So in short... PA doesnt (currently) protect against Android malwares as stated by this blog entry at PA site (even if wildfire can detect such)?</P><P></P><P><A href="http://researchcenter.paloaltonetworks.com/2013/08/parasites-android-malware-discovered-by-wildfire/" title="http://researchcenter.paloaltonetworks.com/2013/08/parasites-android-malware-discovered-by-wildfire/">Parasites Android Malware Discovered by WildFire - Palo Alto Networks Blog</A></P></BODY></HTML> Tue, 03 Sep 2013 18:50:29 GMT https://live.paloaltonetworks.com/t5/general-topics/js-exploit-pdfka-iiq-280954/m-p/44493#M32653 mikand 2013-09-03T18:50:29Z