March 22, 2024

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]

March 22, 2024

Rewterz Threat Alert – Russian Threat Actors Target European NGO Systems with TinyTurla-NG Backdoor – Active IOCs

Severity High Analysis Summary Turla, a Russian espionage threat actor, infected and compromised many systems of an unknown non-governmental organization (NGO) in Europe by deploying a […]

March 22, 2024

Rewterz Threat Advisory – CVE-2024-26246 – Microsoft Edge Vulnerability

Severity Low Analysis Summary CVE-2024-26246 Microsoft Edge (Chromium-based) could allow a physical authenticated attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass […]

March 22, 2024

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]

March 22, 2024

Rewterz Threat Alert – Russian Threat Actors Target European NGO Systems with TinyTurla-NG Backdoor – Active IOCs

Severity High Analysis Summary Turla, a Russian espionage threat actor, infected and compromised many systems of an unknown non-governmental organization (NGO) in Europe by deploying a […]

March 22, 2024

Rewterz Threat Advisory – CVE-2024-26246 – Microsoft Edge Vulnerability

Rewterz Threat Advisory – CVE-2022-22396 – IBM Spectrum Protect Plus Vulnerability

June 8, 2022

Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs

June 8, 2022

Rewterz Threat Alert – Mirai Botnet – Active IOCs

June 8, 2022

Severity

High

Analysis Summary

A new Mirai variant is making the rounds called mirai_pteamirai. The botnet exploits a vulnerability in KGUARD DVR to spread within an environment. The vulnerability exists in the 2016 firmware version and is fixed in any version after the 2017 release. This botnet is active and used to cause DDoS conditions.

Impact

Server Outage
Data Loss
Website Downtime

Indicators of Compromise

MD5

7d3eb1f1a3f431de53de75221fca7c77
135f64df6197cc0783256e825c55224a
e8630e3e4de23aff4f0038fe3b46c299
c9b6c07e3ada9f2c98764749fced64db
d0b1903f13e6901ae2d7fede6740963c
65f82847828c3da982511185cd71fb45
d39eac79dd8033c79424a6edcd7db685
cb75ce1cfd3cf31dbbd0a15cd16b663a
5f700ec9c7b4dae328057a4b120a906f
3b0d4dad6659d6cdc2f1456defb4cf6d
ccd30f3ada056d71f1a73df4242a9142

SHA-256

5ffbfdb1afce7f11acfd860a940649f191241ce877c028b29f0ef4ff865ecde2
437312e7cf027cf8ee6b9f6f18fac62270757876240736463d046870e5436f71
3a2060820dd24383935fca7442650059e4f258e86ee51e4320d1da8cfe429433
ec6499f5e46f1662c8a88d4ea6d6d6b0d1870dc6e37da12708e91451d19d7dbc
c7394ea89589a2c94ce63b21a2ca8dc4baeb8265b757ecc5f7bcb29bc2e91a62
f1e95414254998799415dae7e926d69359cf95d15d975eba060322e38d603869
56dc96146dcf814984efa774fbb236e9587022fc249098c24014fd13a5c02186
7378ea1770caaebdad42fd9e491372e0234e19949553fd515afc3e0e01486d88
2df25bd3d38f5aca7726bafe16502e1de13582c8c36c2de6fa1b4853a83edefc
a74dabdf20a547decdfadf7e17cb7f5ef5f2bcc0d41d17a6a35a5c7444801642
8987c13681130bafbefeb694ce8c5e7ead783b3f7758d63a420f2c3ef95922bc

SHA-1

b747ed6617b8c19429859e2334087cc22bdbc1e7
5729f589b0fa3fbd8d7faa875e082223dab43154
9fe2ff89b237a7d4b0ffff50c291c7c03f3ff766
0720a89b3a64e42cbc9d3ad7bbe3b3014e7a6433
50ba7469d6eeff68da23c5bce6fbb542103d9aa7
73994827bd3f45bcaa1ee41047ac9e6e8e3dbd9a
36e298752679940efbef4b806b5f7fefd6610513
94d1e80a5822e6233d940c2f1f147e0f388c2f22
d11e741b3a60366964059136f6f0905c816bd481
848c8b68ac4241b2a69ff3c20bb79cf6c5d8a46a
be281d753d5f9cdc63227bdc0bb5a147d551fbf1

Remediation

Upgrade your operating system.
Don’t open files and links from unknown sources.
Install and run anti-virus scans.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Rewterz Threat Alert – Russian Threat Actors Target European NGO Systems with TinyTurla-NG Backdoor – Active IOCs

Rewterz Threat Advisory – CVE-2024-26246 – Microsoft Edge Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Rewterz Threat Alert – Russian Threat Actors Target European NGO Systems with TinyTurla-NG Backdoor – Active IOCs

Rewterz Threat Advisory – CVE-2024-26246 – Microsoft Edge Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – CVE-2022-22396 – IBM Spectrum Protect Plus Vulnerability

Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs