Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Threat & Vulnerability Discussions
This forum provides information regarding how to detect and prevent the impact of vulnerabilities, malware, and other threats through the use of the Palo Alto Networks security platform.
About Threat & Vulnerability Discussions

Welcome to the Threat and Vulnerability discussion forum. This forum exists as a resource for security professionals to discuss and share information pertaining to the topics of threats and vulnerabilities.
Not a LIVEcommunity member? Simply click here and register!

Discussions

spam-urls ?

Running PAN-OS 6.1.15 and content 709, when I filter for "spam-urls" (a category that I wasn't really aware of previously), Panorama returns "extremism" hits. Am I missing a trick here or is something broken?

notes01 by L2 Linker
  • 6904 Views
  • 4 replies
  • 0 Likes

"Whitelist" a brute force attack

Hi all,

we run a cron job from one intern server to another.

Because of this we get alerts in the threat tab and the threat tab is full of this. I don´t want to see this alerts anymore.

 

I create under Objects/vulnarebility protection/ a new profile:

In

...

bruceforce.jpg
Adrijana by L0 Member
  • 8280 Views
  • 2 replies
  • 0 Likes

Threat ID ranges definitions

Hello Threat Team,

 

Hope everyone is well today. We came across a Threat ID 6000400 which falls under an Antivirus Signature Range: SWFZWS: 6000000 - 6000500 (Ref: https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/Threat-ID-Ranges-in-

...

image2.jpg
image005.png
Fedz by L0 Member
  • 7900 Views
  • 1 replies
  • 4 Likes

URL in monitor Threat

Hi,

in threat monitor I have the column "URL".

Here I see only words like "php", "doSearch.do", "viewcmspage.action" but not the complete url like http://www.mydomain.com/index.php?target=999".

Why??

s_quasar by L3 Networker
  • 4730 Views
  • 1 replies
  • 0 Likes

Please help me remove a virus

Hi there, new to the community here.

 

I have a Mac running OSX 10.12.4 and I've had this happen 3 times.

 

Computer lid was closed & should have been asleep.

With the apple logo unlit, half an hour later I hear music playing - a paused video has been unp
...

malwarebytes findings.png
coyote by L0 Member
  • 4080 Views
  • 0 replies
  • 0 Likes
  • 480 Posts
  • 64 Subscriptions
Top Solution Authors
Top Liked Authors