Blog

June 26, 2020

Malware Analysis – Malicious Macros

Introduction Advanced Persistent Threat (APT-C-35) group, believed to be based in India, has been observed targeting government and military personnel in Pakistan using spear phishing emails. […]
June 22, 2020

Analysis on Sidewinder APT Group – COVID-19

Introduction Hardcore Nationalist group SideWinder is a threat group active since 2012, according to Kaspersky. This group mainly targets Pakistani and Chinese military and government entities’ […]
June 15, 2020

Exposed Vulnerabilities and Their Impacts

Many users operating in cyberspace are unaware of the curse of vulnerabilities. Being the initiating point of many cyber-attacks, vulnerabilities demand much more attention. These […]
June 8, 2020

Ransomware Attacks Surge in COVID19

Overview Commonly known as malware from cryptovirology, ransomware encrypts a victim’s data and makes it inaccessible. The threat actors that operate a ransomware demand a ransom […]
June 2, 2020

Nanocore RAT Malware Analysis

About this Report The goal of this report is to provide actionable intelligence against threat actors along with malware or other tools they use for reconnaissance, […]
May 10, 2020

COVID-19 Remote Collaboration Challenges, Threats and Frauds in the Cyberspace

Overview Earlier in our blog, we listed many cyber-attacks launched by adversaries that were making use of the COVID19 fear to target victims. This blog reflects […]
May 1, 2020

4 Reasons Why You Should Outsource Your SOC

The Security Operations Center (SOC) is a specialized area of cyber security that maintains detailed situational awareness of your organizational assets to protect them from threats […]
April 20, 2020

Sidewinder APT Group Campaign Analysis

Summary Hardcore Nationalist (HN2) aka Sidewinder APT Group, which has been working in the interest of Indian Government, has been observed targeting Pakistani Government Officials through […]
April 15, 2020

RagnarLocker Ransomware Hits EDP Energy Giant for $10.9M

Overview Attackers using the Ragnar Locker ransomware have encrypted the systems of Portuguese multinational energy giant Energias de Portugal (EDP) and are now asking for a […]
April 11, 2020

Rewterz Official Statement on the Reported Data Breach of 115M Pakistani Mobile Users

On Friday night at 12:15 AM our Threat Intelligence team published an advisory regarding Pakistani mobile user data being sold on the dark web for a […]
April 10, 2020

115 Million Pakistani Mobile Users Data Go on Sale on Dark Web

Rewterz, a pioneer of specialized cybersecurity services in Pakistan, has discovered a data dump of 115 million Pakistani mobile users’ data that has shown up for […]
April 6, 2020

Maze Ransomware Targets State-Owned Oil Company of Algeria

Overview The latest campaign of Maze ransomware has targeted and encrypted data from Berkine, a joint venture between Sonatrach, the state-owned oil company of Algeria, and the […]
February 26, 2020

Rewterz Threat Advisory – ICS: Moxa MB3xxx Series Protocol Gateways

Severity High Analysis Summary CVE-2019-9099 Two separate issues cause a buffer overflow in the built-in web server that may allow a remote attacker to initiate a […]
February 26, 2020

Rewterz Threat Advisory – ICS: Moxa EDS-G516E and EDS-510E Series Ethernet Switches Multiple Vulnerabilities

Severity High Analysis Summary CVE-2020-7007 The attacker may execute arbitrary code or target the device, causing it to go out of service. CVE-2020-7001 The affected products […]
February 25, 2020

Rewterz Threat Alert – WinPot Malware Turns ATM into a Slot Machine

Severity High Analysis Summary WinPot ATM Malware has affected more than 120 ATM machines and the number of affected victims is growing. Jackpotting commonly refers to […]
February 24, 2020

Rewterz Threat Alert – Haken and Joker Malware found in Apps on Google Play

Severity High Analysis Summary Clickers (malware that mimics the user and performs ‘clicks’ on ads) are a rising threat in the mobile industry. 47 new applications […]
February 24, 2020

Rewterz Threat Advisory – Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol

Severity High Analysis Summary CVE-2020-3120 The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit […]
February 23, 2020

Rewterz Threat Advisory – CVE-2019-16028 – Cisco Firepower Management Center

Severity High Analysis Summary The vulnerability is due to improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. An attacker […]
February 22, 2020

Rewterz Threat Advisory – ICS: Honeywell NOTI-FIRE-NET Web Server (NWS-3)

Severity High Analysis Summary CVE-2020-6972 The Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. CVE-2020-6974 The affected product […]
February 21, 2020

Rewterz Threat Advisory – ICS: Rockwell Automation FactoryTalk Diagnostics

Severity High Analysis Summary CVE-2020-6967 FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCP/8082, which can insecurely deserialize untrusted data. Impact Deserialization of […]
February 21, 2020

Rewterz Threat Advisory – ICS: B&R Industrial Automation Automation Studio and Automation Runtime

Severity High Analysis Summary CVE-2019-19108 The affected products are vulnerable to a weakness in the SNMP service, which allows unauthenticated users to modify the configuration via the […]