Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

Moving from RSA to ECDSA

Hi, we are using some RSA certs and due to a vulnerability we need to swap them for ECDSA. Our usual cert provider doesn't offer ECDSA. Could someone suggest the best way to obtain this please? I wasn't sure if OpenSSL was a valid option? Thanks, Joh

...

More PA region incorrect results

Seems like the region database was updated and has broken US addresses again.. Trying to check a site URL against the PA database at https://urlfiltering.paloaltonetworks.com/ and unable to get there from my corporate network... urlfiltering.paloalto

...

Wildfire reports refuse to connect

Hi Team, 

 

We are facing an error in wildfire reports after updagrade to 10.0.8h4 . it says wildfire reports refuse to connect.

 

Please suggest any solution  to check but if i updgrade to 10.1.3 it is working fine in mylab.

 

Regards

Chetan

ChetanR by L0 Member
  • 6770 Views
  • 11 replies
  • 1 Likes

Is the Applications and Threats Content updated about CVE-2022-26134 (Remote Code Execution Vulnerability in Atlassian Confluence)?

hello.
I would like to know whether information about the recently announced vulnerability, CVE-2022-26134 (remote code execution vulnerability in Atlassian Confluence), is reflected in Applications and Threats Content.

I have read all the available re

...

Memory Corruption Exploit

Good day,

 

This may be a silly question we have been getting memory corruption exploit Alerts from a certain endpoint. Client does see them as cause for concern.

On a single end point would it be cause for concern to see multiple memory corruption expl

...

aadamb by L0 Member
  • 2336 Views
  • 0 replies
  • 1 Likes

How to detect domain fronting

Hi,

 

did anyone manage to write a custom signature to detect domain fronting?

PA extracts the Host header, so in theory it should be possible to detect if the Host header is different from the URL?

 

Alternatively, if one could log the Host header one co

...

AndreasB by L2 Linker
  • 7901 Views
  • 2 replies
  • 0 Likes

Unit42 STIX 2.0 feeds

I'm running my own Anomali STAXX server. I'm trying to ingest these Unit 42 feeds.  Do they still exist? The page is still up and I registered and created my API keys. No matter what I try to do, I can't get Anomali STAXX to connect. https://stix2.un

...

ingerl by L0 Member
  • 2644 Views
  • 1 replies
  • 1 Likes
  • 505 Posts
  • 65 Subscriptions
Top Liked Authors