Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 22, 2023Severity Medium Analysis Summary Mekotio is a banking trojan that targets users in Latin America and Europe. It is primarily distributed via phishing emails and infected […]March 22, 2023Analysis Summary Overview – 23rd Mar – A Big Day – As we approach the 23rd of March, Pakistan Day, organizations and individuals should be aware […]March 22, 2023Severity High Analysis Summary CVE-2023-28684 CVSS:7.1 Jenkins remote-jobs-view-plugin Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of XML external […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 22, 2023Severity Medium Analysis Summary Mekotio is a banking trojan that targets users in Latin America and Europe. It is primarily distributed via phishing emails and infected […]March 22, 2023Analysis Summary Overview – 23rd Mar – A Big Day – As we approach the 23rd of March, Pakistan Day, organizations and individuals should be aware […]March 22, 2023Severity High Analysis Summary CVE-2023-28684 CVSS:7.1 Jenkins remote-jobs-view-plugin Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of XML external […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – CVE-2021-3411 – Linux Kernel can_optimize function code execution
February 22, 2021Rewterz Threat Advisory – CVE-2021-26544 – Apache Livy cross-site scripting
February 23, 2021
Severity
High
Analysis Summary
The “Baby Elephant” organization is an APT attack organization from the direction of the South Asian subcontinent. The Baby Elephant organization’s attacks can be traced back to July 2017. Its main targets are the governments, military, defense, foreign affairs, nuclear energy, finance, education, telecommunications and other departments of South Asian countries such as Pakistan, Bangladesh, Sri Lanka, and Maldives. The recently captured baby elephant organization attack methods are mainly to deliver compressed packages containing blank RTF documents used for social work protection and LNK files containing malicious links to victims. The file names of the compressed packages, RTF files and LNK files are all It is related to Heavy Mechanical Complex Ltd (Heavy Mechanical Complex Ltd., a national engineering company under the Ministry of Industry and Production of Pakistan.
Impact
Information theft and espionage
Indicators of Compromise
Filename
- SUPPLY_OF_03_TON_MOT_CRANE_HOIST[.]zip
MD5
- b5cde0905326930c25f49bb20ddea5db
- c5aabc607102e93f489223e2f6d601a1
SHA-256
- 7dfcf1524953433816b9437e74d65bb81517f84ef0c6301d0fc6a901700290a3
- d55ff954abb04ec29745f7d80ea7457a862c8025a21e889f1ba44c32ba486a7e
SHA1
- fcc24f86852fe8f6ea6d541d45af9ca0e9c4c71f
- e16970ef74d1103f393d3128286c9d27f2c9f4f3
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.