December 9, 2020
Severity
High
Analysis Summary
FireEye reports that it was attacked by a highly sophisticated threat actor, highly likely state-sponsored. The threat actor stole FireEye's red team tools. FireEye aims to share the details of its investigation to better equip the entire community against malicious use of those tools. It is not yet confirmed whether the threat actor intends to use these tools in cyber attacks. However, FireEye has released countermeasures to ensure awareness of, and protection against, attempted use of these red team tools.
Impact
Possible Intrusion
Indicators of Compromise
Remediation
Block the threat indicators at their respective controls.