Blog

June 26, 2020

Malware Analysis – Malicious Macros

Introduction: Advanced Persistent Threat (APT-C-35) group, believed to be based in India, has been observed targeting government and military personnel in Pakistan using spear phishing emails. […]
June 22, 2020

Analysis on Sidewinder APT Group – COVID-19

Introduction: Hardcore Nationalist group SideWinder is a threat group active since 2012 according to Kaspersky. This group mainly targets Pakistani and Chinese military & government entities’ […]
June 15, 2020

Exposed Vulnerabilities and Their Impacts

Many users operating in cyberspace are unaware of the curse of vulnerabilities. Being the initiating point of many cyber-attacks, vulnerabilities demand much more attention. These […]
June 8, 2020

Ransomware Attacks Surge in COVID19

Overview: Commonly known as malware from cryptovirology, ransomware encrypts a victim’s data and makes it inaccessible. The threat actors that operate ransomware demand a ransom […]
June 2, 2020

Nanocore RAT Malware Analysis

About this Report: The goal of this report is to provide actionable intelligence against threat actors along with malware or other tools they use for reconnaissance, […]
May 10, 2020

COVID-19 Remote Collaboration Challenges, Threats and Frauds in the Cyberspace

Overview: Earlier in our blog, we listed many cyber-attacks launched by adversaries that were making use of COVID-19 fear to target victims. This blog reflects […]
May 1, 2020

4 Reasons Why You Should Outsource Your SOC

The Security Operations Center (SOC) is a specialized area of cyber security that maintains detailed situational awareness of your organizational assets to protect them from threats […]
April 20, 2020

Sidewinder APT Group Campaign Analysis

Summary: Hardcore Nationalist (HN2) aka Sidewinder APT Group, which has been working in the interest of the Indian Government, has been observed targeting Pakistani Government officials through […]
April 15, 2020

RagnarLocker Ransomware Hits EDP Energy Giant for $10.9M

Overview: Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a […]
April 11, 2020

Rewterz Official Statement on the Reported Data Breach of 115M Pakistani Mobile Users

On Friday night at 12:15 AM our Threat Intelligence team published an advisory regarding Pakistani mobile user data being sold on the dark web for a […]
April 10, 2020

115 Million Pakistani Mobile Users Data Go on Sale on Dark Web

Rewterz, a pioneer of specialized cybersecurity services in Pakistan, has discovered a data dump of 115 million Pakistani mobile users’ data that has shown up for […]
April 6, 2020

Maze Ransomware Targets State-owned oil Company of Algeria

Overview: The latest campaign of Maze ransomware has targeted and encrypted data from Berkine, a joint venture between Sonatrach, the state-owned oil company of Algeria, and the […]
March 30, 2019

Zero-Day Vulnerabilities in Microsoft Web Browsers

Analysis Summary: Same Origin Policy (SOP) is a security mechanism implemented in modern browsers; the basic idea behind SOP is that JavaScript from […]
March 30, 2019

Informative Update: Gulf Bank – Service Disruption

Analysis Summary: Gulf Bank encountered a service disruption on 27th March 2019 which impacted operations on international transfers, and now Gulf Bank of Kuwait […]
March 30, 2019

Rewterz Threat Advisory – CVE-2019-3813 – Amazon Linux update for spice

Analysis Summary: CVE-2019-3813: Spice, versions 0.5.2 through 0.14.1, is vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a […]
March 30, 2019

Rewterz Threat Advisory – VMware ESXi / Workstation Player Multiple Vulnerabilities

Severity: Medium. Analysis Summary: 1) An error related to the virtual USB 1.1 UHCI (Universal Host Controller Interface) can be exploited to cause an out-of-bounds memory […]
March 29, 2019

Rewterz Threat Advisory – Red Hat update for libssh2

Severity: Medium. Analysis Summary: CVE-2019-3863: A flaw was found in libssh2 before 1.8.1. A server could send multiple keyboard interactive response messages whose total length is […]
March 29, 2019

Rewterz Threat Advisory – CVE-2017-3823 Cisco WebEx Browser Extension Remote Code Execution Vulnerability

Severity: High. Analysis Summary: A vulnerability in Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the […]
March 29, 2019

CVE-2018-19282 Rockwell Automation PowerFlex 525 AC Drives

Severity: Medium. Analysis Summary: A remote, unauthenticated threat actor can repeatedly send specific CIP packets to an affected PowerFlex 525 drive, which may allow disruption of […]
March 28, 2019

Rewterz Threat Advisory – Trend Micro OfficeScan XG Security Bypass Vulnerability

Severity: Low. Analysis Summary: Cookie security is not enabled in the OfficeScan web console’s HTTP response. A possible zero-day vulnerability may allow an attacker to bypass […]
March 28, 2019

Rewterz Threat Advisory – CVE-2019-6569 SIEMENS SCALANCE X – Expected Behavior Violation

Severity: Medium. Analysis Summary: CVE-2019-6569: The monitor barrier of the affected products insufficiently blocks data from being forwarded over the mirror port and into the mirrored […]