This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

Start a conversation

Risk 0 for workday and service now.

Hi, 

I noticed in our ACC dashborad that the applicaitons in use such as workday and servicenow were assigned a risk of 0.  Is that becuase they have not been identified as risky apps or thats the lowest risk level which means no threat app.  

 

Thank y

...

TCP SYN with data Threat logs

Hi Guys,

 

I receive hundreds of TCP SYN with data Threat Alerts from my BYOD zone every day. I was learning more about it and I understood that it is a TCP syn packet with data in its payload. However, as almost all of them seems to come from non-mali

...

Resolved! Dynamic IP List import now failed

I just have the two default PA dynamic IP lists, but they each only have roughly 100 IPs.  I would think there would be more than that but when I try to hit 'import now' it just fails.  Anyone shed some light on how these two lists work and how often

...

drewdown by L4 Transporter
  • 21306 Views
  • 15 replies
  • 0 Likes

Mass unsubscribe

I work for an email marketing company.  We have a sender who sent out 3 separate emails blast to over 1 million contacts.   They had a very high unsubscribe rate.  After our engineering team looked at the logs, we see that all the unsubscribes happen

...

NoyesJ by L1 Bithead
  • 8450 Views
  • 8 replies
  • 0 Likes

Resolved! IP blcoking on ip scan

I wonder if there is dynamic blocking IP if on short period of time that IP did ip scan or try the same vulnerability attack on our IP range, becuse the attack was once on each policy rule it doesn't reach the vulnerability protection limit for block

...

SShnap by L3 Networker
  • 9973 Views
  • 5 replies
  • 0 Likes

Resolved! Youtube risk

Hi guys.

 

In Palo Alto Firewall 7.1.8 version, Youtube-base application is categorized with risk 4, because is Used by Malware and Has Known Vulnerabilities. I try to search for information about it but I couldn't find it yet. There is some informatio

...

DNT_FLAR by L0 Member
  • 5662 Views
  • 2 replies
  • 0 Likes

Command & Control or Just Ads?

In the last few days I have seen alerts for berbew.jb C2 traffic(192730665) and dynamer.bayo C2 traffic(192442683).  The odd thing here is that in the alert the same url is being accessed (ad.afy11.net/ad?mode=7&publisher_dsp_id=67&external_user_id=X

...

bayo.PNG
berbew.PNG
DIRTT by L2 Linker
  • 7971 Views
  • 5 replies
  • 3 Likes
  • 503 Posts
  • 63 Subscriptions
Top Solution Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks