September 14, 2023

Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

Severity High Analysis Summary Kimsuky is a North Korean advanced persistent threat (APT) group, also known as “Black Banshee”. The group has been active since at […]

September 14, 2023

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Severity High Analysis Summary CVE-2023-4213 CVSS:8.8 Simplr Registration Form Plus+ plugin for WordPress could allow a remote authenticated attacker to bypass security restrictions, caused by an […]

September 14, 2023

Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities

Severity High Analysis Summary CVE-2023-41032 CVSS:7.8 Siemens Parasolid could allow a remote attacker to execute arbitrary code on the system, caused by an out of bounds […]

September 14, 2023

Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

Severity High Analysis Summary Kimsuky is a North Korean advanced persistent threat (APT) group, also known as “Black Banshee”. The group has been active since at […]

September 14, 2023

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

September 14, 2023

Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities

Severity High Analysis Summary CVE-2023-41032 CVSS:7.8 Siemens Parasolid could allow a remote attacker to execute arbitrary code on the system, caused by an out of bounds […]

Rewterz Threat Advisory – CVE-2020-3961 – VMware Horizon Client for Windows update privilege escalation vulnerability

June 11, 2020

Rewterz Threat Alert – Valak Malware and the Connection to Gozi Loader

June 11, 2020

Rewterz Threat Advisory – CVE-2020-3960 – VMware ESXi, Workstation and Fusion information disclosure Vulnerability

June 11, 2020

Severity

Medium

Analysis Summary

VMware ESXi, Workstation and Fusion contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine may be able to read privileged information contained in memory.

Impact

Information disclosure

Affected Vendors

VMware

Affected Products

VMware ESXi 6.5
VMware ESXi 6.7
VMware Workstation 15.0
VMware Fusion 11.0

Remediation

Refer to vendor’s advisory for the upgraded patches.

https://www.vmware.com/security/advisories/VMSA-2020-0012.html

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

Rewterz Threat Advisory – Multiple WordPress Plugins Vulnerabilities

Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us