topic Re: Accessing a specific website triggering Spyware THREAT signatures in General Topics https://live.paloaltonetworks.com/t5/general-topics/accessing-a-specific-website-triggering-spyware-threat/m-p/426956#M94561 <P>There are many resources in the internet that you may use to check these websites or urls. You can use Palo Alto's url checker/ site tester too,</P><P><A href="https://urlfiltering.paloaltonetworks.com/" target="_blank">https://urlfiltering.paloaltonetworks.com/</A></P><P>&nbsp;</P><P>The ones that you have listed seem to have low risk but these have not yet been rated malicious. Location in China.</P><P>If not required for business you may check internally and have them blocked.</P> Mon, 16 Aug 2021 05:48:15 GMT rubber_ducky 2021-08-16T05:48:15Z Accessing a specific website triggering Spyware THREAT signatures https://live.paloaltonetworks.com/t5/general-topics/accessing-a-specific-website-triggering-spyware-threat/m-p/426730#M94531 <P>Accessing following website is generating Spyware THREAT signatures. Does this means website is compromised and access should be blocked?</P><P>&nbsp;</P><P>Website:&nbsp;</P><P><A href="http://www.51qiti.com" target="_blank">www[.]51qiti.com</A></P><P><A href="http://www.51qiti[.]com/faq/Faq1217.htm" target="_blank">www.51qiti[.]com/faq/Faq1217.htm</A></P><P>&nbsp;</P><P>Triggered signatures:</P><P>Suspicious PHP Command and Control Traffic Detection(85633)</P><P>Steganographic Webshell File Detection(85633)</P><P>&nbsp;</P> Fri, 13 Aug 2021 13:18:58 GMT https://live.paloaltonetworks.com/t5/general-topics/accessing-a-specific-website-triggering-spyware-threat/m-p/426730#M94531 Tanmoy 2021-08-13T13:18:58Z Re: Accessing a specific website triggering Spyware THREAT signatures https://live.paloaltonetworks.com/t5/general-topics/accessing-a-specific-website-triggering-spyware-threat/m-p/426956#M94561 <P>There are many resources in the internet that you may use to check these websites or urls. You can use Palo Alto's url checker/ site tester too,</P><P><A href="https://urlfiltering.paloaltonetworks.com/" target="_blank">https://urlfiltering.paloaltonetworks.com/</A></P><P>&nbsp;</P><P>The ones that you have listed seem to have low risk but these have not yet been rated malicious. Location in China.</P><P>If not required for business you may check internally and have them blocked.</P> Mon, 16 Aug 2021 05:48:15 GMT https://live.paloaltonetworks.com/t5/general-topics/accessing-a-specific-website-triggering-spyware-threat/m-p/426956#M94561 rubber_ducky 2021-08-16T05:48:15Z