21 matches found
CVE-2023-49329
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
CVE-2019-11641
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
EUVD-2019-3311
Malware in sbrugna...
CVE-2023-49329
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
CVE-2023-49329
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
Command injection
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
CVE-2023-49329
Anomali Match (CVE-2023-49329) before 4.6.2 is vulnerable to OS Command Injection due to improper handling of untrusted input. An authenticated admin user can inject and execute operating system commands, potentially compromising the underlying OS. The earliest affected version is 4.3; fixed in 4...
PT-2024-13722 · Anomali · Anomali Match
Name of the Vulnerable Software and Affected Versions: Anomali Match versions prior to 4.6.2 Description: The issue arises from improper handling of untrusted input, enabling an attacker to inject and execute operating system commands. An authenticated admin user can elevate privileges, execute...
Anomali Match Security Vulnerability
Anomali Match is a big data security analytics engine from Anomali that automates threat detection, investigation and response. A security vulnerability exists in Anomali Match version 4.6.2 and prior versions, which stems from mishandling of untrusted input and could lead to an operating system...
CVE-2023-49329
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
CVE-2023-49329
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlyi...
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale PoS service provider located in the U.S. The attacks, which are believed to have taken...
WordPress Sites Abused in Aggah Spear-Phishing Campaign
Threat actors are using compromised WordPress websites to target manufacturers across Asia with a new spear-phishing campaign that delivers the Warzone RAT, a commodity infostealer available widely for purchase on criminal forums, researchers have found. The threat group Aggah, believed to be...
Hackers Using Microsoft Build Engine to Deliver Malware Filelessly
Threat actors are abusing Microsoft Build Engine MSBuild to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. The actively ongoing campaign is said to have emerged last month, researchers from cybersecurity firm Anomali said on Thursday, adding th...
CVE-2019-11641
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
CVE-2019-11641
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
Information disclosure
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
CVE-2019-11641
CVE-2019-11641 affects Anomali Agave (formerly Drupot) up to version 1.0.0. The root cause is fingerprinting via predictable data and minimal variation in HTML template sizes, enabling attackers to detect and avoid the system. Impact is limited to detection/avoidance as described; no explicit exp...
CVE-2019-11641
Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...
Years-Long Phishing Campaign Targets Saudi Gov Agencies
An ongoing three-year-old phishing campaign has been targeting the credentials of Saudi Arabian government agencies — with a financially motivated actor the likely culprit. The campaign, code-named “Bad Tidings,” has siphoned victims’ credentials by pretending to be the Kingdom’s Ministry of...