December 3, 2023

Rewterz Threat Update – Southeast Asian Banking Apps Targeted By New FjordPhantom Android Malware

Severity High Analysis Summary A new and sophisticated Android malware, named FjordPhantom, has been disclosed by cybersecurity researchers. The malware targets users in Southeast Asian countries, […]

December 3, 2023

Rewterz Threat Alert – A New Gh0st RAT Malware Variant Targets South Korea and Uzbekistan – Active IOCs

Severity High Analysis Summary The notorious Gh0st RAT malware has been identified with a new variant dubbed “SugarGh0st RAT” used in recent cyber campaigns targeting the […]

December 3, 2023

Rewterz Threat Advisory – Multiple GitLab Community and Enterprise Edition Vulnerabilities

Severity High Analysis Summary CVE-2023-6033 CVSS:8.7 GitLab Community and Enterprise Edition are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated […]

December 3, 2023

Rewterz Threat Update – Southeast Asian Banking Apps Targeted By New FjordPhantom Android Malware

December 3, 2023

Rewterz Threat Alert – A New Gh0st RAT Malware Variant Targets South Korea and Uzbekistan – Active IOCs

Severity High Analysis Summary The notorious Gh0st RAT malware has been identified with a new variant dubbed “SugarGh0st RAT” used in recent cyber campaigns targeting the […]

December 3, 2023

Rewterz Threat Advisory – Multiple GitLab Community and Enterprise Edition Vulnerabilities

Rewterz Threat Alert – Three Phishing Campaigns Dropping the Emotet Malware – IoCs

March 8, 2019

Rewterz Threat Alert – Chase Themed Phishing Campaign

March 8, 2019

Rewterz Threat Alert – Shipping Themed Malspam – IoCs

March 8, 2019

Severity

Medium

Analysis Summary

Shipping themed Malspam campaign has been observed, dropping malicious files. Threat Indicators are given below.

Indicators of Compromise

IP(s) / Hostname(s)	5.62.58[.]215 105.112.98[.]11 91.192.100[.]54
URLs	divinevilla.hopto[.]org
Filename	opr sadesfc[.]lzh
Email Address	tmalone[@]americanbuildsupply[.]com melissa.wooling[@]fairwayfreight[.]com compras[@]globalpremiumbrands[.]com
Malware Hash (MD5/SHA1/SH256)	9dec9ead4a957458af86db6ca89ddeec 75efc609d8d8b54fef19782e0bc68270

Remediation

Block the threat indicators at their respective controls.

Do not follow links or download files attached in unexpected emails.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Update – Southeast Asian Banking Apps Targeted By New FjordPhantom Android Malware

Rewterz Threat Alert – A New Gh0st RAT Malware Variant Targets South Korea and Uzbekistan – Active IOCs

Rewterz Threat Advisory – Multiple GitLab Community and Enterprise Edition Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Update – Southeast Asian Banking Apps Targeted By New FjordPhantom Android Malware

Rewterz Threat Alert – A New Gh0st RAT Malware Variant Targets South Korea and Uzbekistan – Active IOCs

Rewterz Threat Advisory – Multiple GitLab Community and Enterprise Edition Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Three Phishing Campaigns Dropping the Emotet Malware – IoCs

Rewterz Threat Alert – Chase Themed Phishing Campaign