January 6, 2021
Severity
High
Analysis Summary
The cyber espionage group APT32 (also known as OceanLotus Group) is carrying out intrusions into private sector companies across multiple industries and has also targeted foreign governments, dissidents, and journalists. APT32 leverages a unique suite of fully featured malware, in conjunction with commercially available tools, to conduct targeted operations aligned with Vietnamese state interests.
Impact
- Espionage
- Exposure of data
- Information theft
Indicators of Compromise
MD5
- 2804951e200689ef26a221944731d7ac
SHA-256
- 683d3c7488fca6c563af60d5adb098cb8e6fdb7447f83dc560e581311da75f1f
SHA1
- 3b8ca2bc8749983e1116ae955d98e635d28e427b
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.