-
Welcome to the Threat and Vulnerability Discussion Board
Welcome to the Threat and Vulnerability Forum The purpose of this forum is to discuss security vulnerabilities...
03-27-2017 Posted by N/A0 Replies3 Likes5135 Views
-
How to block .vbox files for protect ransomware?
The ransomware is update again.Now include virus in windows 7 virtual machine and attack host via share folder...
09-19-2020 Posted by Noviceadmin0 Replies0 Likes31 Views
-
How to choose signature for sql-injection?
Hi all, in palo alto, there are 380+ signatures which are related to sql injection, and the default action for...
07-29-2020 Posted by herman20184 Replies0 Likes680 Views
-
Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGene...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message...
05-05-2020 Posted by NiganDong4 Replies0 Likes1355 Views
-
Unable to resolve internal url's after implementing dns secu...
I only would like to know if we add*.domain.inin External dynamic list and if we call that EDL in Antispyware ...
08-31-2020 Posted by OsamaKhan1 Replies0 Likes249 Views
-
It's possible to block custom file hash-256 in Palo alto.
It's possible to block custom file hash-256 in Palo alto.Please let me know how I can check the respective fil...
09-14-2020 Posted by Mohammed_Yasin1 Replies0 Likes95 Views
-
Help with Threat log SCAN: Host Sweep
I am looking for assistance interpreting a report that shows “SCAN Host sweep traffic” in my threat log. There...
01-16-2020 Posted by hattracker10 Replies1 Likes3455 Views
-
Geolocation Address Groups
Does anyone know if you can create Geo-location address groups? I want to create a group for all the bad Count...
09-04-2020 Posted by JeffNeff1 Replies0 Likes164 Views
-
MineMeld sweet32/upgrade?
Getting sweet32 detected on mindmeld server. Trying and failing to update.What is update process for Ubuntu 16...
02-06-2020 Posted by craymer1 Replies1 Likes1064 Views
-
Poor performance when applying TP license
Performance decrease occurs when TP license is appliedI would like to know how much performance degradation oc...
07-22-2020 Posted by ohhansu2 Replies0 Likes549 Views
-
Security LifeCycle Review Flagging Unknown Binary as High Ri...
Hello All,Can anybody in the group share their experience/Knowledge over Unknown binaries? As I am observing m...
06-29-2020 Posted by Daniyal1 Replies0 Likes532 Views
-
Wildfire is allowed to dynamic analysis for File Type Unknow...
We just need to know the wildfire file type which is allowed to dynamic analysis.As I know the following URL d...
08-04-2020 Posted by Mohammed_Yasin1 Replies0 Likes469 Views
-
Threat 109020001 detection, dropping LAN traffic after 10.0...
After upgrading from v9.1.3 to v10.0.0, I'm seeing detections for109020001 (newly registered domain) for traff...
07-22-2020 Posted by JonIsaacson1 Replies0 Likes439 Views
-
Virus/Win32.WGeneric.akzslp - ffmpeg.dll
Hi,Since 2020-07-20 I have been getting Virus alerts in the Threat log on my PAN. It has pointed out that ffmp...
07-23-2020 Posted by AFuller72 Replies0 Likes665 Views
-
Block VPN for School Students
Good afternoonI'm hoping someone might have an answer for me. I'm trying to see if there is a way to block any...
04-03-2019 Posted by RichGrove6 Replies0 Likes8015 Views
-
Virus / Win32.WGeneric.aktpum - Android TV viewing applicati...
Virus / Win32.WGeneric.aktpum - Application to watch Android TV?It was unfortunate that I used the Virus / Win...
07-24-2020 Posted by TryphenaNeala1 Replies0 Likes442 Views
-
Exception for DNS signature which is showing the ID as 0 and...
Getting false positive for the Link tivoli.com.qa as threat name(68360795).Its getting DNS sinkholing.Can anyo...
07-12-2020 Posted by CyberEye7 Replies0 Likes1629 Views
-
Ripple20 Vulnerability Group
Hi thereAbout 14 days ago a group of new 19 vulnerabilities were published under the name of "ripple20" by JSO...
07-02-2020 Posted by AndreasTrautmann3 Replies0 Likes1413 Views
-
Digium Asterisk WebSocket Frame Empty Payload Denial-of-Serv...
How do I report or provide feedback regarding the Cortex Alert named "Digium Asterisk WebSocket Frame Empty Pa...
07-06-2020 Posted by KRisselada1 Replies0 Likes675 Views
-
find IoC already in Minemeld
I have a miner set up in Minemeld, to which I can add IP addresses for blocking. I would like to find out if o...
07-04-2020 Posted by petercvan1 Replies0 Likes635 Views
-
Virus/Win32.WGeneric.ajdriy - OneDriveSetup.exe
Hi,Since yesterday April 13/2020 I have been getting Virus alerts in the Threat log on my PAN 3020. It has poi...
04-14-2020 Posted by hhiggins21 Replies1 Likes9703 Views
-
Is this false positive
office365-enterprise-access app getting dropped.
06-24-2020 Posted by raji_toor2 Replies0 Likes726 Views
-
Virus/Win32.WGeneric.aktpum - OneDriveSetup.exe detected via...
Hello,Are seeing the following in Cortex XDR'Threat ID #348815361' generated by PAN NGFW detected on host 10.x...
06-29-2020 Posted by KRisselada7 Replies0 Likes3274 Views
-
Security profile testing
I am currently building out more granular policies that have application groups applied as well as security pr...
06-26-2020 Posted by Jamesy2 Replies0 Likes791 Views
-
URL Filtering
http://shodan.io/ URL is categorized as hacking website.Can someone advise as internal users want access to it...
02-06-2020 Posted by FIDELE9 Replies0 Likes4499 Views
-
We have enabled ssl inbound decryption and able to exploit t...
We have ssl inbound decryption configured and from outside we are able to exploit the vulnerabilty.Need to kno...
05-06-2020 Posted by MP184 Replies0 Likes1490 Views
-
Adobe-Creative Cloud WildFire Virus alerts.
Hi,Since this morning June 17/2020 I have been getting Virus alerts in the Threat log. It has pointed out that...
06-17-2020 Posted by Jake_Haynes4 Replies0 Likes1171 Views
-
Spyware with DNS Protection
Hi All,Our Firewall drop DNS traffic of C&C (us.jaxonsorensen.club, news.sqllitlerver.info & log.oslog...
06-02-2020 Posted by Khai-Huynh6 Replies0 Likes1731 Views
-
Microsoft Directory Services/ms-ds-smbv3 - Virus/Win32.WGene...
We are see numerous alarms from our SIEM from our Palo Alto firewall. Here is a copy of a scrubbed log message...
03-20-2019 Posted by LeeSeeman4 Replies0 Likes9680 Views
-
Microsoft URL being DNS sinkholed suddenly?
Has anyone else started getting DNS sinkhole threat alerts for the below domain? About half a day ago I starte...
06-07-2020 Posted by BStojceski4 Replies0 Likes3430 Views
-
incorrect destination zone in threat logs
Hi,if the firewall is configured with zone protection profiles and the setting "set system setting additional-...
06-03-2020 Posted by JuergenHolzer1 Replies0 Likes703 Views
