Welcome to the Threat and Vulnerability Forum
The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb
...
Hi Community,
I'm curious about your opinions to NetBIOS traffic.
I'm aware, that you can disable NetBIOS per interface via ncpla.cpl or via DHCP options.
With typical customers and current systems, you still see netbios connection between Windows sys
...
Hi All,
I'm curious to know how many of you have implemented the URL Filtering best practise, Content-ID - 'Hold client request for category lookup' feature? This feature is of particular interest to me because without this feature, the logs of other
...
Hello Team,
we Faced an problem for as the following below :
(active)> show system resources
top - 08:06:55 up 277 days, 16:43, 1 user, load average: 0.21, 0.14, 0.14
Tasks: 124 total, 3 running, 120 sleeping, 0 stopped, 1 zombie
%Cpu(s): 3.4 us, 1.6 sy,
Hi Guys, I am using a pair of PA820 with TP, URL Scan and WF. I received a list of hash values from my Authority but couldn't find any hits on VirusTotal. Without doubting my big boss, I wanted to manually block it in the firewall but could not find
...
Hello,
Starting on 31st of October following the threat and content update 8480-7019, we noticed that traffic to wordpress sites ending in the URL wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js is being flagged as generic C" traffic. Che
...
Beginning this morning we are seeing lots of apparent false positives for threat ID: 91836 - Cisco HyperFlex HX RCE, which was added to the threat database last night. The destination server is in Wells Fargo IP space and we have determined that this
...
I installed a PA220 version 9.1.4. I was wondering how should I install threat Prevention.
I can't connect the perimeter wall to the Internet for some reason.
I have imported the license offline.But I don't know how to install this product offline.
Can
...
Hi Team,
We are getting following vulnerabilities on one of our PA Firewall. Kindly suggest the next PoA regarding mentioned vulnerabilities.
Plugin
Plugin Name
Family
Severity
IP Address
Type
84502
HSTS Missing From HTTPS Server
Web Servers
Medium
x.x.x.x
Pa
...
I have the DNS Security Service and it is set to sinkhole various malicious domains, including newly registered ones. The problem is that our on-premise spam filter tries to do lookups against the sending domain when we receive email, and I believe t
...
I have found several of my network devices are showing up within our vulnerability management scanner with X.509 Certificate Subject CN does not match the entity name as a vulnerability. This is more than likely a DNS issue as I do not have any netwo
...
Hey guys as we know the above advisory resolve in PANOS 10.0.8 and above so in the solution, Palo alto says they will resolve it in September can I get to know the status of the new firmware or can I download the 10.1.0 but that is not the stable ver
...
I am looking for assistance interpreting a report that shows “SCAN Host sweep traffic” in my threat log. There are multiple internal sources scanning multiple destination IP addresses that I do not own. The daily number of scans detected from each so
...
hey, guys hope you are doing well One of my customer getting the logs of SMB: User Password Brute Force Attempt for a particular user as the user is connected to Global VPN to LAN the port 445 getting reset both traffic logs in threat logs all things
...
OtakarKlier
on:
Denial of Service Investigating
PavelK
on:
CVE-2023-38802
PavelK
on:
Vulnerability Protection Profile
