14 matches found
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. NOTE: Heimdal argues that the limitation described here is a...
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. NOTE: Heimdal argues that the limitation described here is a...
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. NOTE: Heimdal argues that the limitation described here is a...
Design/Logic Flaw
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component...
CVE-2023-29486
The CVE-2023-29486 entry concerns Heimdal Thor agent for Windows, affected in versions 3.4.2 and earlier than 3.7.0. The issue allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via the Next-Gen Antivirus component. Red Hat and Ubuntu ecos...
Heimdal security breach
Heimdal is a Kerberos implementation and security program from Heimdal Open Source. A security vulnerability exists in Heimdal that originated from allowing an attacker to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via the Next-Gen Antivirus component...
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. Notes Author| Note ---|--- iconstantin | The heimdal package in...
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. NOTE: Heimdal argues that the limitation described here is a...
CVE-2023-29486
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via Next-Gen Antivirus component. NOTE: Heimdal argues that the limitation described here is a...
PT-2023-22278 · Microsoft +1 · Windows +1
Name of the Vulnerable Software and Affected Versions: Heimdal Thor agent versions 3.4.2 through 3.7.0 Description: An issue in the Heimdal Thor agent allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information via the Next-Gen Antivirus component...
What’s New in Rapid7 Detection & Response: Q3 2023 in Review
This post takes a look at some of the investments we've made throughout Q3 2023 to our Detection and Response offerings to provide advanced DFIR capabilities with Velociraptor, more flexibility with custom detection rules, enhancements to our dashboard and log search features, and more. Stop...
Small Business Benefits of Moving to the Cloud: Resource Friendly
Small businesses never seem to have enough people or funding, and the last thing they need is for their security solution to be eating up precious resources. Your people are stretched thin and don’t really have time or budget to source new hardware or push software updates. Not to mention the...
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
Contain Attacks in Real Time with Live Response in Cb Defense
Endpoint security is broken. Yes, you’ve heard it before - traditional, signature-based antivirus AV can’t keep up with the volume of new malware and advanced attack methods being developed by cyber criminals every day. And that’s absolutely true. But a report published last year highlights an ev...