About s.debus

Hello all,   maybe i am to stupid but i have problems with understanding from the  PAN-SA-2023-0002 Informational Bulletin: Impact of Rorschach Ransomware Article (https://security.paloaltonetworks.com/PAN-SA-2023-0002).   It's about: „>= Agents with CU-240 or a later content update on Windows“   However, our content version is 910-49625   Furthermore, the FAQ also states the following: "Q. Are Cortex XDR customers at risk for this ransomware? Palo Alto Networks has verified that Cortex XDR 7.7, and newer versions, with content update version 240 (released November, 2021), and later content updates, detect and block the ransomware. A new content update will be released next week to detect and prevent the usage of this DLL side-loading technique."   So is the ransomware being detected and blocked now, but there won't be a Cortex XDR Dump Service Tool fix via content update until next week?   Sorry but i don't get it.   Maybe someone can help me with whis to understand.   BR Sascha       ... View more

Hello,   i know that i can block specific files in cortex but i am looking for a solution how i can block only .exe files in Users download folder. In the Malware Profiles i can see that there is only a allow list where i can write single filenames that will be allowed.   Do you have any idea how i can realise this?   Best Regards Sascha   ... View more

Hello   i have an PA-200 running with PanOS 8.0.3 that got no support. Before i could do an update of PanOS manually without Support License. Now i wanted to do an manual update to 8.0.6 but it didn't work. I only get a message that the device got no support. When i upload the new Software Version, i can't see it on the device (Gui or CLI). I can see that there is no button "Install from file" anymore from beginning.   I was trying to upload with TFTP. I could see that the bites are running up but no chance to see it on the PA-200. CanÄt install it via CLI. I am out of Ideas.   Can anybody help?   Best Regards Sascha ... View more