Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability Discussion Board

Welcome to the Threat and Vulnerability Forum

The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb

...

Blocking malicious Java Script Web Attacks

I am seeing too many java script web attacks which are caught by Symantec Endpoint Protection on my end users Workstations. Some of them are listed below.

Web Attack: Malicious Injected JavaScript 14
Web Attack: Fake Jquery Injection 2
Web Attack: Mas

...

Fireball Malware Detection

Hello,

Is there a specific Threat ID or someting else that I can use to identify which systems, if any, are infected with Fireball?

How to view the "Hits" of my Vulnerability Protection Rule

Hello Everyone,

I am quite new to PA, so i would need your suggestion about this.

I created a Vulnerability Protection Rule wherein my goal is once a Signature update arrives (Vulnerability signature), all those that are “Critical” would have an automa

...

Resolved! DNS Sinkholing subdomains of known bad domains

I tried to find an answer for this, but I couldn't find it. If someone has already posted this question, apologies...

I just turned DNS sinkholing and it works as expected for root domains, for example:

nslookup kntsv.nl returns the DNS sinkhole IP o

...

Resolved! Penetration test recommendation for open ports?

Hi folks,

I being asked to provide some proof that we are safe from the latest WannaCry vunerability.

We have the latest 698 Threat content installed but trying to come up with a tool that could test with and generate a drop packet trace file on our

...

URL in monitor Threat

Hi,

in threat monitor I have the column "URL".

Here I see only words like "php", "doSearch.do", "viewcmspage.action" but not the complete url like http://www.mydomain.com/index.php?target=999".

Why??

Please help me remove a virus

Hi there, new to the community here.

I have a Mac running OSX 10.12.4 and I've had this happen 3 times.

Computer lid was closed & should have been asleep.

With the apple logo unlit, half an hour later I hear music playing - a paused video has been unp

...

Welcome to the Threat and Vulnerability Discussion Board

Welcome to the Threat and Vulnerability Forum

The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb

...

Discussions

Welcome to the Threat and Vulnerability Discussion Board

Blocking malicious Java Script Web Attacks

Fireball Malware Detection

How to view the "Hits" of my Vulnerability Protection Rule

Resolved! DNS Sinkholing subdomains of known bad domains

Resolved! Penetration test recommendation for open ports?

URL in monitor Threat

Please help me remove a virus

Welcome to the Threat and Vulnerability Discussion Board

file getting blocked (false positive)

Security profiles best practise

Inline Cloud Analyzed Unknown-TCP Command and Control Traffic Detection

OneNote Extension File blocking

ms-ds-smbv3 - Trojan-Downloader/Win32.guloader.ao

Re: file getting blocked (false positive)

Re: Block High Risk TLDs

Re: Block High Risk TLDs

Re: SMB: User password brute force