Over 2017 we collected and analyzed an immense amount of information, from multiple, diverse data sources and geographic locations globally, generating valuable intelligence for new, emerging and advanced security threats giving our clients a unique advantage in predictability, preparation and response.
Operating system (OS) command injection attack is a variant of code injection attacks which are considered a major security threat that in fact, is classified as No. 1 on the 2013 OWASP top ten web security risks . The main objective of this article is to examine the detection and exploitation capabilities of Commix against blacklisting techniques. The general idea behind blacklisting is to check for malicious patterns before allowing the execution of users input.
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
Data protection has entered a period of unparalleled change. Individuals, Organisations and Regulation Authorities are nowadays more concerned than ever, taking under consideration the increasing number of high profile data breaches. Obrela Security Industries is well prepared to assist global organizations in establishing preparedness and achieving compliance with the GDPR through our extensive portfolio of Cyber Security Services, which offer an unprecedented level of real-time operational visibility, security situational awareness, and policy - processes management and compliance monitoring.