This emergency content update provides coverage for recent generic exploit host page updates that have been seen in the wild. We recommend that you upgrade all devices to the latest Applications and Threats content version and review your security policy to ensure the desired action is configured for each security policy rule.
Palo alto says that it has seen this activity in the wild, can anyboady share any link to the base article or tecchincal article related to this signature?.
I did not find anything useful details in the threat vault as it gives only generic discription.
"This signature detects a landing page used by an exploit kit. Browser fingerprinting or attempts to direct a browser to download targeted malware are examples of behaviors that could indicate an exploit kit landing page and trigger this signature. "
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!