Welcome to the Threat and Vulnerability Forum
The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb
...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message below. When asking the user about their activity, they only RDP'ed into various servers from their laptop via the Globalprotect VPN for rem
...
Hi,
Ours is a digital bank. We are in the process of picking a tool to scan the docker images in the AWS code pipeline. While we were scanning using the default ECR scan process we noticed CVE-2021-33574, CVE-2019-25013, CVE-2021-3520. Thes
...
Hello everyone,
We had our Citrix environment recently that got flagged in the firewall with this virus. ( after 14-07 ) Virus/Win32.WGeneric.bhqpnl
We have a Saas solution of the product Basware. ( Bulk approval invoices ) We see on the Palo-Alto that
Hello,
I have a Palo Alto 8.1.18 firewall that is already configured with a SSL Forward Proxy setup for a a current set of traffic. There is only one signed certificate that is configured as the Forwarding Trust and Forwarding Untrust certificate (
...
Hello everyone,
I've had a computer recently that got flagged in the firewall with this virus. The file name is SharpCompress.dll, however when scanning the computer I can't find the file. Virustotal also doesn't have anything on this virus or SharpCo
...
Threat logs source zone as Outside and Destination zone as Outside in firewall
The ransomware is update again.
Now include virus in windows 7 virtual machine and attack host via share folder to host.
Palo alto NGFW not have .vbox file type (have vmdk only).
How to custom .vbox file type blocking or please update .vbox file type fo
...
We are investigating alerts of this DNS signature for x1.c.lencr.org.
I'd expect that a match for a clear text string in a DNS Request that it is very unlikely this is a false detection.
However to get alerts so quickly after this signature creation,
...
Hi All,
CVE-2004-0230 does not seem to show up in the Palo Alto Networks threat database, but the below KB article seems to indicate that PAN have introduced threat mitigation for this CVE in PAN-OS 6.0.
https://knowledgebase.paloaltonetworks.com/KCS
...
Hello
Did anyone a test concerning the vulnerability signature against the PoC available on https://github.com/cube0x0/CVE-2021-1675/ ?
Our tests did not trigger the signature, hence I'm nor sure if the PoC is working different, or if my configuration
...
Today we are getting bombarded with reports of email issues. Digging into the reports we have a lot of users who aren't able to send PDF's and the culprit is that the attachments are getting flagged by PAN.
The related CVE shows it was updated yester
...
In Firewall, the Logs is Displayed but Receiving a Mail pdf I get the Blanks Report As I see and reschedule the time and I get the pdf but what the reason I get the blank report that day
Hi Team,
Current PAN OS -8.1.10
Customer had run a VAPT assesment where they came up with certain Vulnerability such as
90317 - SSH Weak Algorithms Supported
70658 - SSH Server CBC Mode Ciphers Enabled
71049 - SSH Weak MAC Algorithms Enabled
While chec
...
PavelK
on:
Unable to get license of threat and wildfire
TomYoung
on:
Security profiles best practise
