我想了解防火墙新版本的功能，确定是否对我们有用，再决定升级，可以在哪了解

我想了解防火墙新版本的功能，确定是否对我们有用，再决定升级，可以在哪了解

SharpCompress.dll \ Virus/Win32.WGeneric.bgvbho

Hello everyone,

I've had a computer recently that got flagged in the firewall with this virus. The file name is SharpCompress.dll, however when scanning the computer I can't find the file. Virustotal also doesn't have anything on this virus or SharpCo

Threat logs source zone as Outside and Destination zone as Outside in firewall

Threat logs source zone as Outside and Destination zone as Outside in firewall

How to block .vbox files for protect ransomware?

The ransomware is update again.

Now include virus in windows 7 virtual machine and attack host via share folder to host.

Palo alto NGFW not have .vbox file type (have vmdk only).

How to custom .vbox file type blocking or please update .vbox file type fo

Threat ID 411977850 created 2021-06-11 13:58:04 (UTC)

We are investigating alerts of this DNS signature for  x1.c.lencr.org.

I'd expect that a match for a clear text string in a DNS Request that it is very unlikely this is a false detection.

However to get alerts so quickly after this signature creation,

Windows Print Spooler Remote Code Execution Vulnerability

Hello

Did anyone a test concerning the vulnerability signature against the PoC available on https://github.com/cube0x0/CVE-2021-1675/ ?

Our tests did not trigger the signature, hence I'm nor sure if the PoC is working different, or if my configuration

Cool PDF Reader PDF Stream Handling Buffer Overflow Vulnerability - CVE-2012-4914

Today we are getting bombarded with reports of email issues. Digging into the reports we have a lot of users who aren't able to send PDF's and the culprit is that the attachments are getting flagged by PAN.

The related CVE shows it was updated yester

Getting a Blank Report Pdf

In Firewall, the Logs is Displayed but Receiving a Mail pdf I get the Blanks Report As I see and reschedule the time and I get the pdf but what the reason I get the blank report that day 

Mitigation recommendation for certain vulnerability assesment done by VAPT team

Hi Team,

Current PAN OS -8.1.10

Customer had run a VAPT assesment where they came up with certain Vulnerability such as

90317 - SSH Weak Algorithms Supported

70658 - SSH Server CBC Mode Ciphers Enabled

71049 - SSH Weak MAC Algorithms Enabled

While chec

False Positive - ActiveX File - Teams.nuspec

Hi, 

I am getting this file blocked as 52041 

The file is teams.nuspec sha256 644f0a6755a5574c940fa39bbbcc4a92722ae58ddf0161e665237c6b3252c7d6

This is inside the teams installer.

Thanks

BizBo

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this? Or create a custom signature.

info I came across, but not sure if this is something Palo is planning on adding to their threat vuln protection signatures. See Microsoft has

Allow access google drive for specific users

Good Day Everyone , Need your suggestions

Google Drive is in our block list 'URL Filtering " , but i want to allow access for specific users .

 Can you please guide over this 

TCP timestamp response on MGMNT IP

In my case, the team is performing a vulnerability assessment on PA820

Vulnerability Title: TCP timestamp response.

Description: The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's upt

Codecov Breach

A conversation I have been hearing crop up is whether or not customers should be worried about Palo Alto being a Codecov customer and if that means that they are affected as well? Are only direct clients of Codecov affected?