Cool PDF Reader PDF Stream Handling Buffer Overflow Vulnerability - CVE-2012-4914

Today we are getting bombarded with reports of email issues. Digging into the reports we have a lot of users who aren't able to send PDF's and the culprit is that the attachments are getting flagged by PAN.

The related CVE shows it was updated yester

Getting a Blank Report Pdf

In Firewall, the Logs is Displayed but Receiving a Mail pdf I get the Blanks Report As I see and reschedule the time and I get the pdf but what the reason I get the blank report that day 

Mitigation recommendation for certain vulnerability assesment done by VAPT team

Hi Team,

Current PAN OS -8.1.10

Customer had run a VAPT assesment where they came up with certain Vulnerability such as

90317 - SSH Weak Algorithms Supported

70658 - SSH Server CBC Mode Ciphers Enabled

71049 - SSH Weak MAC Algorithms Enabled

While chec

False Positive - ActiveX File - Teams.nuspec

Hi, 

I am getting this file blocked as 52041 

The file is teams.nuspec sha256 644f0a6755a5574c940fa39bbbcc4a92722ae58ddf0161e665237c6b3252c7d6

This is inside the teams installer.

Thanks

BizBo

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this?

CVE-2021-31166 vulnerability - any possible solutions from Palo to block this? Or create a custom signature.

info I came across, but not sure if this is something Palo is planning on adding to their threat vuln protection signatures. See Microsoft has

Allow access google drive for specific users

Good Day Everyone , Need your suggestions

Google Drive is in our block list 'URL Filtering " , but i want to allow access for specific users .

 Can you please guide over this 

TCP timestamp response on MGMNT IP

In my case, the team is performing a vulnerability assessment on PA820

Vulnerability Title: TCP timestamp response.

Description: The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's upt

Codecov Breach

A conversation I have been hearing crop up is whether or not customers should be worried about Palo Alto being a Codecov customer and if that means that they are affected as well? Are only direct clients of Codecov affected?

malware

Hola, detectamos esta URL que es un malware indevafd.com 

False Positive? PDQ and virus win32.wgeneric.bdakpv

After installing a fresh version of PDQ Deploy and/or PDQ Inventory, got two threat notices of this, from our PDQ server to one of our servers it is supposed to scan.Thinking it is a false positive.

Virus/Win32.WGeneric

win32.wgeneric.bdakpv

Host sweep alert from an iPad

We have an iPad that is triggering our scan block policy as a host sweep. The iPad is attempting to connect to one external (Internet) IP over port 443. It's happened for the past few days to a different external IP each time.

Threat vault info.

Name:

Virus/Win32.WGeneric.ajtozf / ms-ds-smbv3

We have been seeing alot of detections for smbv3 for file detections varying from pdf to any office document. Wildfire has been picking up the traffic, marking it as Threat and either resetting it or alerting on in. This monthly only we have had abou

Syslog to exclude BYOD subnets from logging

Hi all , We do have a few questions on Logging. 

1. Can we exclude the BYOD subnet from alerting as they flooding us with irrelevant logs. (both URL and Threat monitoring)

2. Can we exclude some category in URL from sending syslog messages. Example he