Cortex XDR:
OMG IT'S UNAME!@?!?!?!
Alert Name: Uncommon Linux shell command execution trying to gather information about the system
Alert id: [redacted]
Severity: Low
Source: XDR Analytics BIOC
Category: Execution
Action: Detected
Description: The process bambu-studio has executed a shell command using the sh shell interpreter. This type of process spawning this shell is uncommon in the organization. The potential risks include exploitation of a legitimate process or malware that executes shell commands. The combination of both child and parent was seen on 0 different hosts across 0 unique days in the last 30 days. The shell command is gathering information about the host system. The full executed command line is: sh -c -- uname -r 2>/dev/null
Host: [redacted]
Username: [redacted]
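The alert above is a BIOC firing on an uncommon parent-to-shell pair (bambu-studio spawning `sh -c -- uname -r`), which an analyst then has to triage by hand. The following added example is not from the poster or from Cortex XDR; it parses the pasted alert fields, pulls the parent process and command line out of the description, and checks them against a hypothetical analyst-maintained baseline of reviewed benign pairs. The `KNOWN_BENIGN` entry for bambu-studio and the helper names are assumptions made for this example.

```python
import re
from dataclasses import dataclass

# Constructed sample: the alert text as pasted in the post, redactions kept.
SAMPLE_ALERT = """Alert Name: Uncommon Linux shell command execution trying to gather information about the system
Alert id: [redacted]
Severity: Low
Source: XDR Analytics BIOC
Category: Execution
Action: Detected
Description: The process bambu-studio has executed a shell command using the sh shell interpreter. This type of process spawning this shell is uncommon in the organization. The potential risks include exploitation of a legitimate process or malware that executes shell commands. The combination of both child and parent was seen on 0 different hosts across 0 unique days in the last 30 days. The shell command is gathering information about the host system. The full executed command line is: sh -c -- uname -r 2>/dev/null
Host: [redacted]
Username: [redacted]"""

# "Key: value" lines of the alert body.
FIELD_RE = re.compile(r"^(?P<key>[A-Za-z ]+): (?P<value>.*)$")
# Parent process and full command line are embedded in the Description text.
PARENT_RE = re.compile(r"The process (?P<parent>\S+) has executed a shell command")
CMDLINE_RE = re.compile(r"The full executed command line is: (?P<cmd>.+)$")


@dataclass
class ShellAlert:
    name: str
    severity: str
    parent: str
    command_line: str


def parse_alert(text: str) -> ShellAlert:
    """Extract the fields a triage decision needs from a pasted alert."""
    fields = {}
    for line in text.splitlines():
        m = FIELD_RE.match(line.strip())
        if m:
            fields[m.group("key")] = m.group("value")
    desc = fields["Description"]
    parent = PARENT_RE.search(desc).group("parent")
    cmd = CMDLINE_RE.search(desc).group("cmd").strip()
    return ShellAlert(fields["Alert Name"], fields["Severity"], parent, cmd)


# Hypothetical baseline (assumption for this example): (parent process,
# regex over the child command line) pairs an analyst has reviewed and
# documented as expected behaviour for that application.
KNOWN_BENIGN = [
    ("bambu-studio", re.compile(r"^sh -c -- uname -r( 2>/dev/null)?$")),
]


def triage(alert: ShellAlert) -> str:
    """Return 'benign-baseline' only when both parent and exact command match
    a reviewed entry; anything else stays in the analyst queue."""
    for parent, pattern in KNOWN_BENIGN:
        if alert.parent == parent and pattern.match(alert.command_line):
            return "benign-baseline"
    return "needs-review"


if __name__ == "__main__":
    alert = parse_alert(SAMPLE_ALERT)
    print(alert.parent, "->", alert.command_line, "=>", triage(alert))
```

The baseline keys on the exact parent and a tight regex over the whole command line rather than on `uname` alone, so the same parent running a different shell command, or a different parent running `uname -r`, still lands in the review queue instead of being suppressed.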
@kajer The infamous hacker known only as uname strikes again!
relay@relay.infosec.exchange shared this topic