Threat Advisory

January 22, 2021

Rewterz Threat Advisory – CVE-2020-17532 – Apache ServiceComb code execution

Severity High Analysis Summary CVE-2020-17532 Apache ServiceComb could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization when […]
January 22, 2021

Rewterz Threat Alert – Fresh IOCs – LokiBot

Severity Medium Analysis Summary Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then […]
January 22, 2021

Rewterz Threat Advisory – CVE-2021-20586 – ICS: Mitsubishi Electric MELFA

Severity Medium Analysis Summary CVE-2021-20586 These robot controllers may allow an attacker to cause a denial-of-service of the execution of the robot program and the Ethernet […]
January 22, 2021

Rewterz Threat Advisory – ICS: Delta Electronics TPEditor

Severity Medium Analysis Summary CVE-2020-27288 An untrusted pointer dereference has been identified in the way the application processes project files, allowing an attacker to craft a […]
January 21, 2021

Rewterz Threat Alert – Password Expiration Phishing Campaign

Severity Medium Analysis Summary Classic Phish Password Expiration is a common way to get people to click through; it is recommended to always check the sender. This […]
January 21, 2021

Rewterz Threat Alert – Emotet – Fresh IOCs

Severity High Analysis Summary Emotet has recently been found in increased cyber activities after a short period of dormancy. Fresher IoCs are being retrieved every day. Emotet is […]
January 21, 2021

Rewterz Threat Advisory – CVE-2021-1301 – Cisco SD-WAN denial of service

Severity Medium Analysis Summary CVE-2021-1301 Cisco SD-WAN is vulnerable to a denial of service, caused by insufficient input validation of user-supplied input that is read by […]
January 21, 2021

Rewterz Threat Advisory – Cisco Data Center Network Manager (DCNM) server-side request forgery

Severity High Analysis Summary CVE-2021-1272 Cisco Data Center Network Manager (DCNM) is vulnerable to server-side request forgery, caused by improper validation of parameters in a specific […]
January 20, 2021

Rewterz Threat Advisory – Multiple Juniper OS Security Vulnerabilities

Severity High Analysis Summary CVE-2021-0221 In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic […]
January 20, 2021

Rewterz Threat Advisory – CVE-2020-35929 – Kaspersky TinyCheck information disclosure

Severity Medium Analysis Summary CVE-2020-35929 Kaspersky TinyCheck could allow a remote attacker to obtain sensitive information, caused by the use of hard-coded credentials to the backend […]
January 20, 2021

Rewterz Threat Alert – PatchWork APT Group Targeting Pakistan AirForce

Severity High Analysis Summary PatchWork, (also known as Mahabusa, White Elephant, hangOver, VICEROY TIGER, The Dropping Elephant) is an APT that mainly conducts cyber espionage activities […]
January 19, 2021

Rewterz Threat Alert – GandCrab Malware – IoCs

Severity High Analysis Summary Fresh IoCs have been retrieved from a campaign distributing the GandCrab ransomware. GandCrab campaigns typically involve emails designed to deceive a potential […]
January 19, 2021

Rewterz Threat Advisory – ICS: Siemens SCALANCE X Switches

Severity High Analysis Summary CVE-2020-28391 Devices create a new unique key upon factory reset, except when used with C-PLUG. When used with C-PLUG the devices use […]
January 19, 2021

Rewterz Threat Alert – IObit Forums Hacked to Spread DeroHE Ransomware

Severity Medium Analysis Summary Windows utility developer IObit was recently hacked to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members. […]
January 19, 2021

Rewterz Threat Advisory – CVE-2020-11997 – Apache Guacamole information disclosure

Severity Medium Analysis Summary CVE-2020-11997 Apache Guacamole could allow a remote authenticated attacker to obtain sensitive information, caused by inconsistent restriction of connection history. By sending […]
January 19, 2021

Rewterz Threat Advisory – Multiple NETGEAR Routers information disclosure

Severity High Analysis Summary CVE-2020-27873 Multiple NETGEAR Routers could allow a remote attacker to obtain sensitive information, caused by improper access control by the SOAP API […]
January 18, 2021

Rewterz Threat Alert – APT-C-41 StrongPity – IOCs

Severity High Analysis Summary The APT group known as StrongPity is back with a new campaign targeting users in different regions. The group has previously targeted […]
January 18, 2021

Rewterz Threat Advisory – CVE-2021-24122 – Apache Tomcat information disclosure

Severity High Analysis Summary CVE-2021-24122 Apache Tomcat could allow a remote attacker to obtain sensitive information, caused by a flaw when serving resources from a network […]
January 18, 2021

Rewterz Threat Alert – Trickbot is Back

Severity High Analysis Summary TrickBot is a banking Trojan which targets sensitive information and acts as a dropper for other malware. Trickbot is usually spread via […]
January 15, 2021

Rewterz Threat Alert – Formbook Malware – IoCs

Severity High Analysis Summary FormBook is an information-stealer malware that has been active since 2016. The info-stealer malware’s capabilities include stealing credentials, capturing screenshots of victim’s […]
January 15, 2021

Rewterz Threat Alert – New Variant of Ursnif Using Invoice Malspam

Severity Medium Analysis Summary A new phishing campaign has been detected in the wild spreading a fresh variant of the Ursnif Trojan via an attached […]
January 15, 2021

Rewterz Threat Alert – JavaScript RAT Targeting Asian Government and Financial Sector

Severity High Analysis Summary A new malicious campaign is discovered targeting verticals in the governmental monetary and financial sectors in Asia. This campaign poses as a […]
January 14, 2021

Rewterz Threat Alert – Rogue RAT used for Android Device Takeover, Data Theft and Malware Delivery

Severity Medium Analysis Summary As remote work continues, remote collaboration platforms are being targeted by cyber criminals. Meanwhile, other platforms are being used on smartphones to […]
January 14, 2021

Rewterz Threat Alert – New Android spyware targets users in Pakistan

Severity High Analysis Summary Researchers have discovered a small cluster of Trojanized versions of Android apps, mainly marketed to people who live in Pakistan. Someone has […]
