-
Welcome to the Threat and Vulnerability Discussion Board
Welcome to the Threat and Vulnerability Forum The purpose of this forum is to discuss security vulnerabilities...
03-27-2017 Posted by N/A0 Replies3 Likes4907 Views
-
How to choose signature for sql-injection?
Hi all, in palo alto, there are 380+ signatures which are related to sql injection, and the default action for...
07-29-2020 Posted by herman20181 Replies0 Likes140 Views
-
Threat 109020001 detection, dropping LAN traffic after 10.0...
After upgrading from v9.1.3 to v10.0.0, I'm seeing detections for109020001 (newly registered domain) for traff...
07-22-2020 Posted by JonIsaacson1 Replies0 Likes184 Views
-
Virus/Win32.WGeneric.akzslp - ffmpeg.dll
Hi,Since 2020-07-20 I have been getting Virus alerts in the Threat log on my PAN. It has pointed out that ffmp...
07-23-2020 Posted by AFuller72 Replies0 Likes248 Views
-
Block VPN for School Students
Good afternoonI'm hoping someone might have an answer for me. I'm trying to see if there is a way to block any...
04-03-2019 Posted by RichGrove6 Replies0 Likes6933 Views
-
Virus / Win32.WGeneric.aktpum - Android TV viewing applicati...
Virus / Win32.WGeneric.aktpum - Application to watch Android TV?It was unfortunate that I used the Virus / Win...
07-24-2020 Posted by TryphenaNeala1 Replies0 Likes189 Views
-
Poor performance when applying TP license
Performance decrease occurs when TP license is appliedI would like to know how much performance degradation oc...
07-22-2020 Posted by ohhansu1 Replies0 Likes173 Views
-
Exception for DNS signature which is showing the ID as 0 and...
Getting false positive for the Link tivoli.com.qa as threat name(68360795).Its getting DNS sinkholing.Can anyo...
07-12-2020 Posted by CyberEye7 Replies0 Likes771 Views
-
Ripple20 Vulnerability Group
Hi thereAbout 14 days ago a group of new 19 vulnerabilities were published under the name of "ripple20" by JSO...
07-02-2020 Posted by AndreasTrautmann3 Replies0 Likes746 Views
-
Digium Asterisk WebSocket Frame Empty Payload Denial-of-Serv...
How do I report or provide feedback regarding the Cortex Alert named "Digium Asterisk WebSocket Frame Empty Pa...
07-06-2020 Posted by KRisselada1 Replies0 Likes319 Views
-
find IoC already in Minemeld
I have a miner set up in Minemeld, to which I can add IP addresses for blocking. I would like to find out if o...
07-04-2020 Posted by petercvan1 Replies0 Likes359 Views
-
Virus/Win32.WGeneric.ajdriy - OneDriveSetup.exe
Hi,Since yesterday April 13/2020 I have been getting Virus alerts in the Threat log on my PAN 3020. It has poi...
04-14-2020 Posted by hhiggins21 Replies1 Likes7658 Views
-
Is this false positive
office365-enterprise-access app getting dropped.
06-24-2020 Posted by raji_toor2 Replies0 Likes401 Views
-
Virus/Win32.WGeneric.aktpum - OneDriveSetup.exe detected via...
Hello,Are seeing the following in Cortex XDR'Threat ID #348815361' generated by PAN NGFW detected on host 10.x...
06-29-2020 Posted by KRisselada7 Replies0 Likes1603 Views
-
Security LifeCycle Review Flagging Unknown Binary as High Ri...
Hello All,Can anybody in the group share their experience/Knowledge over Unknown binaries? As I am observing m...
06-29-2020 Posted by Daniyal0 Replies0 Likes249 Views
-
Security profile testing
I am currently building out more granular policies that have application groups applied as well as security pr...
06-26-2020 Posted by Jamesy2 Replies0 Likes439 Views
-
URL Filtering
http://shodan.io/ URL is categorized as hacking website.Can someone advise as internal users want access to it...
02-06-2020 Posted by FIDELE9 Replies0 Likes3703 Views
-
We have enabled ssl inbound decryption and able to exploit t...
We have ssl inbound decryption configured and from outside we are able to exploit the vulnerabilty.Need to kno...
05-06-2020 Posted by MP184 Replies0 Likes1081 Views
-
Adobe-Creative Cloud WildFire Virus alerts.
Hi,Since this morning June 17/2020 I have been getting Virus alerts in the Threat log. It has pointed out that...
06-17-2020 Posted by Jake_Haynes4 Replies0 Likes754 Views
-
Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGene...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message...
05-05-2020 Posted by NiganDong2 Replies0 Likes807 Views
-
Spyware with DNS Protection
Hi All,Our Firewall drop DNS traffic of C&C (us.jaxonsorensen.club, news.sqllitlerver.info & log.oslog...
06-02-2020 Posted by Khai-Huynh6 Replies0 Likes1138 Views
-
Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGene...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message...
03-20-2019 Posted by LeeSeeman4 Replies0 Likes8401 Views
-
Microsoft URL being DNS sinkholed suddenly?
Has anyone else started getting DNS sinkhole threat alerts for the below domain? About half a day ago I starte...
06-07-2020 Posted by BStojceski4 Replies0 Likes2643 Views
-
incorrect destination zone in threat logs
Hi,if the firewall is configured with zone protection profiles and the setting "set system setting additional-...
06-03-2020 Posted by JuergenHolzer1 Replies0 Likes468 Views
-
DNS issues after implementing GeoBlock policy.
Hey guys, wanted to see if I can can get any input on this here - had to Geoblock one of the countries for inb...
05-28-2020 Posted by MKarasev2 Replies0 Likes673 Views
-
SSL Self Signed Certificate Vulnerability
Does anybody know how to mitigate this vulnerability? This is being detected on our PA-3020 series firewalls r...
05-28-2020 Posted by Fr4nk42 Replies0 Likes619 Views
-
Microsoft office/teams malicious traffic
We are seeing bunch of Microsoft office 365/teams related traffic categorized as vulnerable/virus. But we don'...
05-19-2020 Posted by raji_toor1 Replies0 Likes740 Views
-
Malicious traffic blocked by PAN : Virus/Win32.WGeneric.ajbe...
Hi Team,These are the below sign identified in our network and want to know the reason for this trigger.Please...
05-14-2020 Posted by Veerendra7 Replies0 Likes2141 Views
-
Virus/Win32.WGeneric.ajqxax
Starting yesterday I have seen virus alerts on my firewall relating to the above virus. The file names in ques...
05-14-2020 Posted by hhiggins1 Replies0 Likes775 Views
-
SSH protocol uses Weak key exchange algorithms in PA 500 fo...
Hi Team , PA 500 with 8.1.14 (latest OS ) is having the VulnerabilitySSH protocol uses Weak key exchange algor...
05-12-2020 Posted by Shashihm4 Replies0 Likes1272 Views
-
How to stop MortiAgent Malware using the snort rule ?
Software Version9.0.5Problem Description: How to stop MortiAgent Malware using snort rule ?I want to stop the ...
05-07-2020 Posted by Mohammed_Yasin2 Replies0 Likes968 Views
