Rewterz Threat Advisory – CVE-2021-35936 – Apache Airflow Security Vulnerability
August 17, 2021
Rewterz Threat Alert – Trickbot Malware – Fresh IOCs
August 17, 2021
Severity
High
Analysis Summary
The SideWinder advanced persistent threat (APT) group has used recent territorial disputes between China, India, Nepal, and Pakistan as lures. Its goal is to gather sensitive information from its targets, which are mainly located in Nepal and Afghanistan. According to researchers, the targets include multiple government and military units of countries in the region, including the Nepali Ministries of Defense and Foreign Affairs, the Nepali Army, the Afghanistan National Security Council, the Sri Lankan Ministry of Defense, the Presidential Palace in Afghanistan, and more.
Impact
- Information Theft and Espionage
Indicators of Compromise
Filename
- Quranic Arabic Language Course[.]docx
MD5
- 6af2470805fe10cf881871a6babf9986
SHA-256
- 66ddbdfe9328d6a3f49abbb814252617fce0e05934ceeef9813e8bd30385fe50
SHA1
- 8cf54a1e81d1fe1ac31fa42ede46a6599a9d9dd8
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
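One way to carry out the search step on a file share or endpoint, as an added example that is not part of the original advisory: a single-pass hash sweep that checks every file under a directory against the three hashes and the filename listed above. The function names, the case-insensitive filename comparison and the default scan root are assumptions of this example.

```python
import hashlib
import os
import sys

# Indicators copied from this advisory (filename re-fanged from "[.]docx").
IOC_FILENAME = "quranic arabic language course.docx"
IOC_HASHES = {
    "md5": "6af2470805fe10cf881871a6babf9986",
    "sha1": "8cf54a1e81d1fe1ac31fa42ede46a6599a9d9dd8",
    "sha256": "66ddbdfe9328d6a3f49abbb814252617fce0e05934ceeef9813e8bd30385fe50",
}

def file_digests(path, algos=("md5", "sha1", "sha256"), chunk_size=1 << 20):
    """Read the file once and return a hex digest for each requested algorithm."""
    hashers = {name: hashlib.new(name) for name in algos}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def scan_tree(root, iocs=IOC_HASHES, ioc_filename=IOC_FILENAME):
    """Walk root and return (path, reason) for every filename or hash match."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            # A filename-only hit is a weak signal (assumption: compare
            # case-insensitively); a hash hit identifies the exact sample.
            if name.lower() == ioc_filename:
                hits.append((path, "filename"))
            try:
                digests = file_digests(path, iocs)
            except OSError:
                continue  # locked or unreadable file: skip and keep sweeping
            for algo, value in digests.items():
                if value == iocs[algo].lower():
                    hits.append((path, algo))
    return hits

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, reason in scan_tree(root):
        print(f"MATCH ({reason}): {path}")
```

A renamed copy of the document is still caught by its hashes, while a file that matches only on name should be triaged before it is treated as the sample.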