Welcome to the Threat and Vulnerability Forum
The purpose of this forum is to discuss security vulnerabilities and threats. Palo Alto Networks believes that understanding todays threat landscape is critical to effectively detecting and preventing cyb
...
I installed a PA220 version 9.1.4. I was wondering how should I install threat Prevention.
I can't connect the perimeter wall to the Internet for some reason.
I have imported the license offline.But I don't know how to install this product offline.
Can
...
Hi Team,
We are getting following vulnerabilities on one of our PA Firewall. Kindly suggest the next PoA regarding mentioned vulnerabilities.
Plugin
Plugin Name
Family
Severity
IP Address
Type
84502
HSTS Missing From HTTPS Server
Web Servers
Medium
x.x.x.x
Pa
...
I have the DNS Security Service and it is set to sinkhole various malicious domains, including newly registered ones. The problem is that our on-premise spam filter tries to do lookups against the sending domain when we receive email, and I believe t
...
I have found several of my network devices are showing up within our vulnerability management scanner with X.509 Certificate Subject CN does not match the entity name as a vulnerability. This is more than likely a DNS issue as I do not have any netwo
...
Hey guys as we know the above advisory resolve in PANOS 10.0.8 and above so in the solution, Palo alto says they will resolve it in September can I get to know the status of the new firmware or can I download the 10.1.0 but that is not the stable ver
...
I am looking for assistance interpreting a report that shows “SCAN Host sweep traffic” in my threat log. There are multiple internal sources scanning multiple destination IP addresses that I do not own. The daily number of scans detected from each so
...
hey, guys hope you are doing well One of my customer getting the logs of SMB: User Password Brute Force Attempt for a particular user as the user is connected to Global VPN to LAN the port 445 getting reset both traffic logs in threat logs all things
...
I need to block these gamarue & avalanche-andromeda malware family please provide me the Thread-ID for this.
Hello,
I would like to add a policy for External Dynamic List in Panorama as a pre-rule for a particular device group. However, I am not able to see the Malicious IP addresses and High-Risk IP addresses in Panorama.
Kindly suggest.
Thanks
RE: 'Apache Tomcat WebSocket Denial-of-Service Vulnerability' generated by PAN NGFW detected on host foo-wrkXXX involving user foo\User.Name
-- Unique Threat ID: 59026
I am wondering if others are seeing this Alert generated due to what appears to be
...
I get ICMP and UDP flood alert messages from my external zone protection profile all the time. It does not seem to impact production - but not totally sure on that though.
We just have 1 - 5220, no Panarama. Anyone have any advise as to how best to co
...
Hi,
Malicious signature "Virus/Win32.WGeneric.bjpxbe" is detected on Cortex XDR.
When dwelled further, details & screen grab from THREAT VAULT are shared for your perusal
Unique Threat ID: 422569341
SHA256 values are (09fb42aa3d9fcb32e2dab5f9e614a1975e
...
Hello,
Is there any way to turn off the following information after commit on 9.0.1 with Anti-Spyware Profile attached to Security Policy?
I can't delete Palo Alto Networks DNS Security option from Anti-Spyware Profile.
Warnings
PavelK
on:
Unable to get license of threat and wildfire
TomYoung
on:
Security profiles best practise
