Rewterz penetration testing services help organizations determine whether a cyber attacker can gain access to their critical assets, while giving them detailed insight into the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
High
The Chinese espionage group PIGFISH (a.k.a. APT41) has launched a global intrusion campaign that began on January 20th. FireEye reported that these intrusions seem to focus on exploiting CVE-2019-19781 (Citrix ADC), CVE-2020-10189 (Zoho ManageEngine zero-day), and CVE-2019-1653 and CVE-2019-1652 (Cisco RV320/RV325 routers) to achieve remote code execution for initial access.
The Chinese actor APT41 is carrying out one of the broadest campaigns, which started in January and is still ongoing. APT41 is attempting to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75 organizations in 20 countries.
Targeted Countries: The campaign targeted victims in Qatar, Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Saudi Arabia, Singapore, Sweden, Switzerland, UAE, UK, and USA.
Targeted Industries: The following industries were targeted: Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility.
Vulnerabilities Exploited: CVE-2019-19781 in Citrix NetScaler/ADC, CVE-2019-1652 and CVE-2019-1653 in Cisco routers, CVE-2020-10189 (zero-day vulnerability) in Zoho ManageEngine, and CVE-2019-3396 in the Widget Connector macro in Atlassian Confluence Server.
Domain Name
MD5
SHA-256
Source IP