Important information regarding Content Apps & Threats version 8540 (TID: 86523)
Created On 03/11/22 18:25 PM - Last Modified 03/14/22 12:11 PM
Symptom
Benign traffic triggering on PoshC2 Command and Control Traffic Detection (ID 86523)
Environment
Palo Alto Networks NGFW on Content Apps & Threats version 8540
Cause
Only Palo Alto Networks customers running Applications and Threats content release 8540 might have seen a false positive trigger on the signature, “PoshC2 Command and Control Traffic Detection” (ID 86523).
Resolution
Customers on content release version 8540 should update their Applications and Threats content to release 8541 or later.
Customers that are on content release version 8539 or earlier were not impacted and no action is required.
Additional Information
How to Create a Threat Exception: