PAN-OS logs

I looking for the log file that tracks the IP addresses of devices that have connected to our Palo Alto Networks firewall.

I am interested in any logs that show source and destination IP addresses for network connections.

Could you please point me to

Are there signature release for following vulnerabilities?

Hello
I'm Tomoyuki Nakamura.

Are there any plans to release signature for the vulnerabilities below?.
These were not listed in THREAT VAULT or Security Advisory.

CVE-2024-8932
CVE-2024-11236

Best Regards,
Tomoyuki Nakamura

Container Base images

In Prisma cloud how do i track base images. that is the know who is using the defined base images and who is not using them. like can i get a list of all containers leveraging the defined base images? 

Wrong behavior of Advanced URL filter

Dear experts,

Here is my question:

Our customer has registered new URL domains and configured the firewall to block all newly registered domains via the URL filtering configuration. They noticed that the new domain is NOT blocked right away but abo

reverse TCP shells and other potential backdoor connections

Hi Team,

Just one of our customer received an security query points where they wanted the firewall to block reverse TCP shells and other potential backdoor connections.

For backdoor i have went through the backdoor signatures in threat vault.

So we ha

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

It is suggested to upgrade to version 10.2.12-h2 to remediate the vulnerability. However, the firmware version 10.2.12-h2 is currently in monitoring status. It is also mentioned that the same fix is available in version 10.2.10-h9, which is the prefe

False Positive

Hello,

Please fix false positive detection: 

https://www.virustotal.com/gui/file/5259f523e41ffa42af0753df4c020f911a585b311c3267f17703c14920a352b8?nocache=1

Thank you!

Open port 9339 - CVE-2016-2183

Hi,

After the update PA to version 11.1.0 (currently we are using version 11.1.1 but the problem still exists), Nessus discovered open TCP port 9339 and alerted about vulnerability SWEET32 (screen attached below).

It is weird, because port 9339 is u

Update PAN-OS 11.1.0 to 11.2.1?

Hi all -

With regard to CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect and other issues, our PA-820 is running PAN- OS 11.1.0, should it be updated to PAN-OS 11.2.1?

Thank you

False Positive: Virus/Win32.WGeneric.eefmlb on stream.x64.x-none.dat

Started getting false positives on our SCCM server after a repackaging of Microsoft Office 365 source, looks to be specifically on the data file for Microsoft Stream client. VirusTotal comes up clean.

Azure Microsoft Defender Security Warnings

Recently Microsoft Defender for Cloud has started reporting various files in our palo alto as malware. The most recent one today is hdd/mfa1z5om.aa2/tmp and hdd/mfa1z5om.aa2/usr/sbin as Trojan:Linux/Casdet!rfn. There have been daily alerts with vario

AcrobatDCx64Manifest3.msi from Akamai 23.200.196.138 detected as ml-virus