🐾 - 🚨 Application for Windows 🪟 with Amplitude.com telemetry enabled - Possible Leak 🚱

SID: 3321358Rev: 151 views
Sourcepawpatrules
CreatedAugust 25, 2024
UpdatedAugust 25, 2024
Classificationpolicy-violation
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"🐾 - 🚨 Application for Windows 🪟 with Amplitude.com telemetry enabled - Possible Leak 🚱"; flow:to_server, stateless; threshold:type limit, track by_src,count 1, seconds 86400; tls_sni; content:"api.amplitude.com"; nocase; endswith; ja3.hash; content:"3b5074b1b5d032e5620f69f9f700ff0e"; fast_pattern; reference:url,https://amplitude.com/; metadata:created_at 2024_08_25, updated_at 2024_08_25; sid:3321358; rev:1; classtype:policy-violation;)

References

urlhttps://amplitude.com/

Metadata

created at2024_08_25
updated at2024_08_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!