• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – ICS: CVE-2020-16235 – Emerson OpenEnterprise SCADA Software
August 26, 2020
Rewterz Threat Advisory – CVE-2020-3517 – Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability
August 27, 2020

Rewterz Threat Alert – Phishing Campaign Targeting Pakistani Users

August 27, 2020

Severity

Medium

Analysis Summary

A recently active phishing campaign targeting Pakistani users with malicious document of why Saudia Arab has ended the loan and oil supply to their long term friends Pakistan. This comes at a very critical moment where Pakistan have seemed to taken one step further in generating more pressure on (OIC) to create a stance on the people of Kashmir and Palestine. The atrocities of Indian and Israeli forces on the innocent people of Kashmir and Palestine have a long history and human rights violations are at the peak of their disposal. The impression to build more pressure have taken Saudis at the backfoot as they try to turn Pakistan on their side by stopping the supply of oil and loan payments which were crucial to Pakistan’s cause at the time when the country was close to bankruptcy.

Impact

  • Credential theft
  • Exposure of sensitive data 

Indicators of Compromise

Filename

why_saudi_ends_loan_and_oil_supply_to_Pakistan[.]docx

MD5

7e74d8708c118c133e6e591ae0fac33b

SHA-256

51b1568478a708e936540eaded390a01250e26b0c8a29736b73f18ab2c5f9c08

SHA1

adbe81f80a1842d412864b3bb77e957532e49dda

Remediation

  • Block all threat indicators at your respective controls.
  • Always be suspicious about emails sent by unknown senders.
  • Never click on links/attachments sent by unknown senders.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.