Rewterz penetration testing services help organizations determine whether a cyber attacker can gain access to their critical assets, while giving them detailed insight into the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
High
Cyberbit has released a report on Dtrack, a Remote Administration Tool (RAT) that was used in what appears to be an APT attack on an Indian nuclear power plant, the Kudankulam Nuclear Power Plant (KNPP). The North Korean threat group Lazarus (tracked internally as ITG03 by IBM), also widely known as HIDDEN COBRA, is believed to have authored Dtrack. Internal credentials for KNPP's network were hard-coded into the version of Dtrack that was examined, implying that it was the second phase of a targeted attack. Along with the Dtrack variant, three droppers were found in the network that share techniques similar to those used by the banking trojans BackSwap and Ursnif. BackSwap inserts itself into legitimate applications, such as OllyDbg, 7-Zip and FileZilla, so that the icon and program details of the file appear to be legitimate. The Ursnif variant found was compiled without the NX-bit set, which allows the malware to execute code directly from its heap or stack.
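For triage, the missing NX opt-in described above can be read directly from a Windows executable's header. The following is an added example, not code from the Cyberbit report or from Rewterz; it assumes that "NX-bit" refers to the `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` flag in the PE optional header, and `pe_mitigations`, `build_sample` and `NotPE` are hypothetical names.

```python
import struct
import sys

NX_COMPAT = 0x0100      # IMAGE_DLLCHARACTERISTICS_NX_COMPAT (DEP opt-in)
DYNAMIC_BASE = 0x0040   # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (ASLR opt-in)
DLLCHAR_OFFSET = 70     # DllCharacteristics offset, same in PE32 and PE32+

class NotPE(ValueError):
    """Raised when the input does not carry a parsable PE header."""

def pe_mitigations(data: bytes) -> dict:
    """Read the NX and ASLR opt-in flags from a PE image's optional header."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise NotPE("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise NotPE("missing PE signature")
    # SizeOfOptionalHeader sits 16 bytes into the 20-byte COFF header.
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 4 + 16)
    opt = e_lfanew + 24
    if opt_size < DLLCHAR_OFFSET + 2 or opt + DLLCHAR_OFFSET + 2 > len(data):
        raise NotPE("optional header truncated")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):
        raise NotPE("unknown optional header magic")
    (flags,) = struct.unpack_from("<H", data, opt + DLLCHAR_OFFSET)
    return {
        "format": "PE32" if magic == 0x10B else "PE32+",
        "nx_compat": bool(flags & NX_COMPAT),
        "dynamic_base": bool(flags & DYNAMIC_BASE),
    }

def build_sample(dll_characteristics: int, magic: int = 0x10B) -> bytes:
    """Constructed header-only test input; not taken from any real sample."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 96, 0x0102)
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, dll_characteristics)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            try:
                print(path, pe_mitigations(fh.read()))
            except NotPE as exc:
                print(path, "skipped:", exc)
```

A result of `nx_compat: False` on a recently built binary is worth a closer look, since current toolchains set the flag by default; on its own it is a weak signal, because older legitimate software also lacks it.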
Exposure of sensitive information
SHA-256