November 20, 2023

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]

November 19, 2023

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

November 19, 2023

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Severity High Analysis Summary CVE-2023-40363 IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. Impact […]

November 20, 2023

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]

November 19, 2023

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

November 19, 2023

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Rewterz Threat Alert – IcedID banking Trojan – Active IOCs

August 4, 2022

Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities

August 4, 2022

Rewterz Threat Alert – Mirai Botnet – Active IOCs

August 4, 2022

Severity

High

Analysis Summary

A new Mirai variant is making the rounds called mirai_pteamirai. This botnet is one of the significant botnets targeting exposed networking devices running Linux. Mirai means ‘future’ in Japanese. This botnet is one of the active botnet and used to cause DDoS conditions. IP cameras, home routers, and other IoT devices are the common targets of this botnet.

Impact

Server Outage
Data Loss
Website Downtime

Indicators of Compromise

MD5

e12642d4f1907aedf859474bf971498f
b4239bb1d2a994acc41d88c5c1aa1442
1577ea5561b8d5c7cda4f90dbf43c526
9676355183c55e36bb21028d517989fb
43f3ed11c90a9dbd3b295ff4ec047efb

SHA-256

990ecd83bb3c52943b8a6413b3cdc75a62e7cf23fac09bdd56d71fa7d642732b
fbcec9f36ed3f1216f324751bf0ca7fbdb3748d5338051388c1d45ebaf2fa338
95e56fd28e9a2519ebecfc91af025fc4eba6806ca885232ac2843e2a9f3a27d0
5c0cb06ece548b477f24c3a21c1bf772ec442c166bb392d49de492c108301c70
9f0cf8ee6b48f0fc481e12b0fb7cf5c020f5f78bd29543f9840ec5fc0eaf309a

SHA-1

1c2805bfd6ec0c685adf89452e22e1bde471cc3e
e21a65eaf7d5bc0fd458608aefeaa7b4ce45ec25
50d1292abfbdaa3310238325e88dd227a7fdda6d
09fde9164232d0604229604dc2cc68f953ff98e3
3c834c697b10238d3245486898042e37a8a0bb7e

Remediation

Upgrade your operating system.
Don’t open files and links from unknown sources.
Install and run anti-virus scans.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – IcedID banking Trojan – Active IOCs

Rewterz Threat Advisory – Multiple F5 BIG-IP Vulnerabilities