Severity
High
Analysis Summary
Cyber espionage actors known as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully-featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
Impact
- Information Theft and Espionage
Indicators of Compromise
MD5
- 740e79e30fffec643db637498adfa6a3
SHA-256
- 3631ea183b88c425aaee1b27d8048c1b2470dc56869fb76425724eaf0af4b3a0
SHA-1
- 23125a1abbff6f674355463055955a62f5bffa33
Remediation
- Block all the threat indicators at your respective controls.
- Search for IOCs in your environment.