Advanced Threat Prevention Discussions
Welcome to the Advanced Threat Prevention discussion area. Here, we explore Precision AI-powered protection that stops zero-day malware, exploits, and command-and-control attacks in real time—ensuring proactive defense and resilience against today’s most sophisticated threats.

Discussions

Welcome to the Threat & Vulnerability Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4170 Views
  • 0 replies
  • 0 Likes

CVE-2023-38046 PAN-OS: Reading System Files and Resources During Configuration Commit

Original link: https://security.paloaltonetworks.com/CVE-2023-38046. Attack Vector: Network; Scope: Unchanged; Attack Complexity: Low; Confidentiality Impact: High; Privileges Required: High; Integrity Impact: Low; User Interaction: None; Availability Impact: None. Published 2023-07-13; Updated 2023-07-13; Reference PAN-208922; Discovered externally. Description: A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with permission to commit a specially crafted configuration to read local files and resources on the system. Product Status: Severity: Medium; CVSSv3.1 Base Score: 5...

yyu by L4 Transporter
  • 2448 Views
  • 1 reply
  • 0 Likes

Resolved! Not-resolved URL blocking PAN url cloud updates

I am in a pickle: I have PANs managed by Panorama, but I can't push any URL updates to the PAN that is blocking itself. Can I just update the policy that this traffic is hitting and remove the URL category action on it? Will that allow it to connect? I tried updating service routes to use the outside interface, but URL updates are still not hap...

drewdown by L4 Transporter
  • 12989 Views
  • 3 replies
  • 0 Likes

False Positive Anydesk

Dear Team, currently we find that the AnyDesk application (exe files) has been blocked by Palo Alto as Virus/Win32.WGeneric.dzogbf, Unique Threat ID: 593407638. We already cross-checked with VirusTotal and it's clean. Could you check it for the issue? Thanks.

NYanico by L1 Bithead
  • 2144 Views
  • 1 reply
  • 0 Likes

Need confirmation from Palo alto on DNS Trojan ShadowPad Detected

1. The customer has encountered the new threat alert named "DNS Trojan ShadowPad Detected" in their network, but the traffic is passing through the Palo Alto firewall, it is allowed, and no threat alerts are triggered on the Palo Alto firewall. 2. TLS Version 1.1 Protocol Deprecated - need to enable support for TLS 1.2 and/or 1.3, and disable support for T...

Cortex XDR logs fed into Splunk ES

Hello all, is there a repository of Splunk searches or queries based on Palo Alto Cortex XDR logs that I can be referred to? I am looking to create correlation searches in Splunk that will help filter through the alerts/logs received. Is that something that everyone is building out custom? Please point me in the direction of where I can find more ...

Missing CVE

Dear Team, Kindly we need to know if the below high vulnerabilities will be added soon as there are no signatures for them on Palo Alto: 1- CVE-2022-2601 regarding the below: https://linux.oracle.com/cve/CVE-2022-2601.html 2- CVE-2022-3775 regarding the below: https://linux.oracle.com/cve/CVE-2022-3775.html

Thwarting the Theft of OAuth Session Tokens Using Secured Containerized Development Environments (CDEs)

Cyberattacks targeting resource credentials such as session tokens are on the rise. Recent high-profile cases such as the source code leaks of Slack's GitHub repositories in January 2023, CircleCI in January 2023, and before that GitHub accounts in April 2022 and Okta in December 2022 are evidence of this trend. In this short blog, we briefly ...


Resolved! OneNote Extension File blocking

There has been an increase in reports of malware using OneNote files in malware campaigns, but I don't see the .one extension listed in the file blocking list. I see Microsoft Office; I am not sure if .one is included in that category, but I don't really want to block all the Office files, just the .one files. Could the .one file extens...

PyPI repository attack

Hi team, the maintainers of the Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. Does anyone know how to check for PyPI (Python library code repository) logs in Panorama? Thanks

Koberoi3 by L0 Member
  • 1278 Views
  • 0 replies
  • 0 Likes

DNS Signatures

Some logs show the message “Suspicious DNS Query”, which is easy for us to analyse. But the logs showing the code “577407756(577407756)” we are not able to understand; what does it mean?


EvilExtractor

We have concerns about the Evil Extractor malware posted here: https://www.fortinet.com/blog/threat-research/evil-extractor-all-in-one-stealer. I have not been able to find anything on the PA Cortex or Firewall pages and need to get information back to my CIO that we are protected by PA on this. I posted on the Cortex page but want to be sure our ...

False positive? - Generic Malicious Javascript Detection 86736

Since this new spyware signature was pushed Monday, we have seen a huge number of hits across major websites. Then this morning the signature was pulled as possibly having false positive detection problems. However, I have been investigating the hits in between and seen troubling indicators of suspicious behavior. Specifically, the alert is trig...

  • 545 Posts
  • 78 Subscriptions