How to avoid vulnerability CVE-2018-10933

 Hello , 

recently i heared about  CVE-2018-10933 ,  i have software version 8.1.3 

 i am asking if the our software version is affected by this CVE , which  is related to Libssh .

thanks , 

Moustafa

Any way to test DoS protection policy in the lab setup

Hello

i am looking for a way to test DoS protection policy in the lab environment before we implement it in production and wondering if there is tool (or linux-based traffic generator) that might be able to assist in generating traffic that will trigg

Cisco Umbrella/OpenDNS queries now being flagged as threat 18003

We use Cisco Umbreall/OpenDNS for secure DNS and web protection. 

Cisco Umbrella setup guide says that they use DNSCrypt for secure DNS queries.

This setup has worked flawless for years until about two weeks ago,. We began getting alerts that the two

Exceptions aggregation criteria

What does these options for aggregation criteria actually mean when creating exceptions in vulerabilit profile - source, destination or by source and destination.

And also track by IP source and IP source destination

Sinkhole dns-wildfire

How does the dns-wildfire threat category work? I've seen a log entry, but there isn't any traffic to the sinkhole IP. The action is sinkhole and reported as generic:malicious.domain1. I have confirmed that sinkhole does work for regular threat categ

Authorized file suddenly blocked as threat

We came into the office this morning to receive reports from users that they weren't able to access their core application which runs on apache web server.  When they login, the internet explorer URL directs the users to www[whatever-url]com/login.js

MINEMELD CSV OUTPUT to ArcSight Logger SIEM

Hi,

I've MineMeld running on Ubunto 14.04 TLS and everythings Ok.

Cunfigured CEF output e now I'm looking for a CSV output, that is for inputing on ArcSight Logger in order to use this csv in Lookups to match events.

Has anyone found/created any node

C&C Traffic Direction re China Chopper

Hi,  sorry if this is a stupid question, maybe we need a Reddit-style "ELI5" forum ;o)

I have been turning a blind eye to a background hum of China Chopper alerts for some time, so I thought I would try to understand what is going on.  The thing is t

Help with Microsoft DCE RPC Big Endian Evasion Vulnerability 33510

I have Googled this and read up on numerous links, but I cannot find anything of value on this threatID.  I have 30-40 events a day from various IP addresses on my network, usually 1 event per IP, sometimes 2 events.  I have scanned several of the PC

Blocked URL's are not getting blocked anymore

I configured a URL filering profile that doesnt filter any topic & just blocks 2 URL's as a test.  This was working a few days ago but stopped.  There have been no new changes commited since & the security policy is still in the same order.  Even loo

Threat blocked by Palo Alto: Is there anything else to do?

Hi,

When the Palo Alto blocks a communication that is flags as a threat (ie: SQL Injection, XSS, etc.), should we investigate the target IP to make sure that the threat was blocked? The reason I'm asking is that whenever the Palo Alto blocks an attac