Apache Log4j Vulnerability -- Wildfire vrs update to Application and Threat content update 8502

maybe question i should ask myself after cup of morning coffee.

Hope you can help...

I see recommendation for Next Gen firewall: (Application and Threat content update 8502)

Next-Generation Firewalls or Prisma Access with a Threat Prevention security su

URL Blocking not working

Hello

Can anyone explain why this doesn't work?

I added misoft5.s3.us-east-2.amazonaws.com and misoft5.s3.us-east-2.amazonaws.com/* to my blocked URL list.

If I type in misoft5.s3.us-east-2.amazonaws.com in a browser I get the BLOCKED page. All is well.

id threat 91991

Hola a todos, ¿pueden ayudarme a filtrar en el ID de registro de amenazas 91991 en el firewall, cuál es el nombre que debo poner en el filtro?
Aprecio tu ayuda

Status of a given threat signature?

I'm running a 9.1 firewall with threat protection and wildfire. How do i check that a specific threat signature is turned on and blocking?

Firewall is allowing certain packets through different policy in URL based traffic blocking scenario

Hi Team,

We had configured an EDL today with URL list and created an security policy and applied it for an specific source IP address.

We had tried to access an URL in the EDL list and the website is not loading on the PC.

When checking the Traffic l

Threat ID 52019

Hi,

Im Trying to get some information on "Threat ID 52019", as i found only 1 document referencing it in the Palo Alto Knowledge Base . The information provided does not describe it. Is there a way to get more information on this? FYI, I don't have a

CVE-2021-42574

Minemeld alternative

Hello ,

On of our customer is dependent on their partner for Minemeld EDL

The Partner is hosting the Minemeld server and now our customer is planning to build their own Minemeld

As Minemeld is no longer supported by PAN and is purely an open Source s

malware.azjf C2 traffic

Hi,

I am seeing a lot of traffic being identified as malware.azjf C2 traffic over the last couple of days since the last threat update. I have noticed a pattern that users are visiting Wordpress websites that use the owl carousel plugin and checking t

NetBIOS in todays world

Hi Community,

I'm curious about your opinions to NetBIOS traffic.

I'm aware, that you can disable NetBIOS per interface via ncpla.cpl or via DHCP options.

With typical customers and current systems, you still see netbios connection between Windows sys

Content-ID - Hold Client Request

Hi All,

I'm curious to know how many of you have implemented the URL Filtering best practise, Content-ID - 'Hold client request for category lookup' feature? This feature is of particular interest to me because without this feature, the logs of other

Palo Alto Firewall Swap Problem appliance is 100% (fully utilized)

Hello Team, 

we Faced an problem for as the following below :

(active)> show system resources

top - 08:06:55 up 277 days, 16:43, 1 user, load average: 0.21, 0.14, 0.14
Tasks: 124 total, 3 running, 120 sleeping, 0 stopped, 1 zombie
%Cpu(s): 3.4 us, 1.6 sy,

How to block a specific file with hash value?

Hi Guys, I am using a pair of PA820 with TP, URL Scan and WF. I received a list of hash values from my Authority but couldn't find any hits on VirusTotal. Without doubting my big boss, I wanted to manually block it in the firewall but could not find