Advanced Threat Prevention Discussions
Welcome to the Advanced Threat Prevention discussion area. Here, we explore Precision AI-powered protection that stops zero-day malware, exploits, and command-and-control attacks in real time—ensuring proactive defense and resilience against today’s most sophisticated threats.

Discussions

Welcome to the Threat & Vulnerability Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4179 Views
  • 0 replies
  • 0 Likes

RE: Egregor Ransomware attack on Palo Alto

Dear Team, PAN-OS Version: 8.1.12, PAN Model: PA-3020. Does Palo Alto have a valid signature for this Egregor Ransomware attack? Also please check whether Palo Alto has any FAQ related to Egregor Ransomware. Signature Release: Post-7.1; Domain Name Type; Name: generic:egregor.top; Unique Threat ID: 385503381; Create Time: 2020-11-16 07:32:05 (UTC); Threat ID: n/a...

Want to report False Positive - HT Work Focus

Hi Team, I want to report a false positive detection on VirusTotal for our product, HT Work Focus, and its executable file, wmime.exe. We have been making parental control and productivity management software for more than 10 years and have thousands of customers. Our software is safe. I ask you to check our software manually to make sure it is safe and add i...

Resolved! predefined IP address feeds are too small

Hello, I am checking the content of two predefined dynamic IP lists, for high-risk IP addresses and for known malicious IP addresses, and they are too small: just 613 addresses in total. There is a document https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-new-features/content-inspection-features/palo-alto-networks-malicious-ip-address-feeds and t...

ProxyGate.net

Tips appreciated on how to identify and potentially block proxygate.net clients on a campus network. ProxyGate is not necessarily a benign tool. Bad actors can look for ProxyGate clients embedded on networks and use them to get a foothold on the network. Personally owned machines (unmanaged devices) are often used, and the owners probably do ...

Resolved! Reconnaissance Protection thresholds

Hello there, I am in the process of configuring our Reconnaissance Protection profile and need some advice on best practices for the interval and thresholds (events). I have been searching through the docs and can't find recommended settings for the interval and threshold of the following: TCP Port Scan, Host Sweep, UDP Port Scan. I currently set 2 seconds fo...

Gregoryp by L1 Bithead
  • 7939 Views
  • 4 replies
  • 0 Likes

Is it possible to block a custom file hash (SHA-256) in Palo Alto?

Is it possible to block a custom file hash (SHA-256) in Palo Alto? Please let me know how I can check the respective file hashes' disposition in WildFire, i.e. whether they are blocked or not. Below are the file hashes whose disposition I need to know: f743c0849d69b5ea2f7eaf28831c86c1536cc27ae470f20e49223cbdba9c677ce56d45628f0c2bda30ab235657704aac50a8433bdb4215c...

MineMeld Sweet32/upgrade?

Getting Sweet32 detected on the MineMeld server. Trying and failing to update. What is the update process for Ubuntu 16.04.6 LTS? Login screen: "141 packages can be updated. 91 updates are security updates. New release '18.04.3 LTS' available. Run 'do-release-upgrade' to upgrade to it." Result: ubuntu@em-minemeld:~$ sudo do-release-upgrade [sudo] password for u...

craymer by L1 Bithead
  • 5105 Views
  • 1 reply
  • 1 Like

Security Lifecycle Review flagging Unknown Binary as a High-Risk File Type

Hello All, can anybody in the group share their experience/knowledge of unknown binaries? I am observing my security control flagging unknown binaries as a high-risk file type. I just need to know what these unknown binaries actually are, what they are used for, what their potential threats/risks to an organization's infrastructure are, and...

Daniyal by L0 Member
  • 6834 Views
  • 1 reply
  • 0 Likes

Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGeneric.yurld?

We are seeing numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message below. When asking the user about their activity, they said they only RDP'ed into various servers from their laptop via the GlobalProtect VPN for remote admin work and ran a batch file that re-maps drives. Additionally they noted browsing to \\&l...

Is WildFire dynamic analysis allowed for the Unknown Extension file type?

We just need to know which WildFire file types are allowed for dynamic analysis. As far as I know, the following URL describes the file types allowed for sandboxing, but what happens with an unknown extension when it is classified as an unknown file? https://docs.paloaltonetworks.com/wildfire/9-0/wildfire-admin/wildfire-overview/wildfire-file-type-s... Model: PA-3220
