Rewterz Threat Advisory – Linux Kernel Multiple Security Vulnerabilities
March 12, 2021
Rewterz Threat Alert – Microsoft Exchange Servers Hit With DEARCRY Ransomware
Severity
High
Analysis Summary
Cyber espionage actors, aka APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
Impact
Information theft and espionage
Indicators of Compromise
Filename
- Hoa don tien no[.] zip
MD5
- 3fae1d5f25020829edbb5e95cc7f7836
SHA-256
- aa331051db461ff1dc760616f23770293a91257087fd079e2e76c122db7c0561
SHA1
- 1535e05a1970423d70bdf7a03e2dd026e458b4b6
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.