Threat Advisory

July 15, 2020

Rewterz Threat Advisory – CVE-2020-7584 – ICS: Siemens SIMATIC S7-200 SMART CPU Family

Severity Medium Analysis Summary The affected devices do not properly handle large numbers of new incoming connections and could crash under certain circumstances. Impact Denial-of-service Affected […]
July 15, 2020

Rewterz Threat Advisory – CVE-2020-7592 – ICS: Siemens SIMATIC HMI Panels

Severity Medium Analysis Summary Unencrypted communication between the configuration software and the respective device could allow an attacker to capture potential plain text communication and have […]
July 15, 2020

Rewterz Threat Advisory – CVE-2020-1374 – Remote Desktop Client Remote Code Execution Vulnerability

Severity High Analysis Summary A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker […]
July 15, 2020

Rewterz Threat Advisory – CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability

Severity High Analysis Summary A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vCard files. To exploit the vulnerability, an attacker could send […]
July 15, 2020

Rewterz Threat Advisory – CVE-2020-1350 – Windows DNS Server Remote Code Execution Vulnerability

Severity High Analysis Summary A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who […]
July 15, 2020

Rewterz Threat Advisory – ICS: Advantech iView

Severity High Analysis Summary CVE-2020-14497 The affected product contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction […]
July 14, 2020

Rewterz Threat Alert – M00nD3V Logger

Severity High Analysis Summary Researchers have analyzed the M00nD3V Logger, a new information stealing Trojan with wide functionality. The Trojan is marketed on hacking forums and […]
July 14, 2020

Rewterz Threat Alert – ServHelper Backdoor

Severity High Analysis Summary ServHelper that is associated with the hacking group TA505 has been seen targeting financial and retail sectors. With the help of this […]
July 14, 2020

Rewterz Threat Advisory – CVE-2019-4591 – IBM Maximo Asset Management security bypass

Severity Medium Analysis Summary IBM Maximo Asset Management 7.6.0 and 7.6.1 does not invalidate session after logout which could allow a local user to impersonate another […]
July 14, 2020

Rewterz Threat Alert – TrickBot Group Launches Test Module Alerting on Fraud Activity

Severity High Analysis Summary Researchers have analyzed a new TrickBot module that appears to have still been in development and unintentionally deployed in the wild. The […]
July 14, 2020

Rewterz Threat Alert – Latest Emotet IOCs

Severity High Analysis Summary Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document […]
July 14, 2020

Rewterz Threat Advisory – CVE-2020-6286 – Critical Vulnerability in SAP NetWeaver AS Java

Severity High Analysis Summary The vulnerability is introduced due to the lack of authentication in a web component of the SAP NetWeaver AS for Java allowing […]
July 13, 2020

Rewterz Threat Alert – Latest Nanocore RAT – IOCs

Severity Medium Analysis Summary NanoCore is a high-risk trojan, a remote access tool (RAT). In most cases, this malware is proliferated using spam email campaigns. Criminals send […]
July 13, 2020

Rewterz Threat Alert – Excel Spreadsheet Macro Kicks off Formbook Malware Infection

Severity High Analysis Summary FormBook is an information-stealer malware that has been active since 2016. The info-stealer malware’s capabilities include stealing credentials, capturing screenshots of victim’s […]
July 13, 2020

Rewterz Threat Alert – New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173

Severity High Analysis Summary Researchers discovered a new Mirai variant (detected as IoT.Linux.MIRAI.VWISI) that exploits nine vulnerabilities, most notable of which is CVE-2020-10173 in Comtrend VR-3033 […]
July 13, 2020

Rewterz Threat Alert – Joker Malware Variant Found in Google Play

Severity Medium Analysis Summary Joker is malware that targets Android devices. A new variant of it was detected in the Google Play store by researchers. Joker […]
July 13, 2020

Rewterz Threat Alert – Latest Trickbot IOCs

Severity High Analysis Summary TrickBot is a banking Trojan which targets sensitive information and acts as a dropper for other malware. Trickbot is usually spread via malicious […]
July 12, 2020

Rewterz Threat Alert – Lazarus FastCash – IOCs

Severity High Analysis Summary FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. Lazarus has been targeting this fastcash schemes previous […]
July 10, 2020

Rewterz Threat Advisory – CVE-2020-9294 – Authentication bypass in FortiMail and FortiVoice Enterprise

Severity High Analysis Summary An improper authentication vulnerability in FortiMail and FortiVoice Enterprise may allow a remote unauthenticated attacker to access the system as a legitimate user […]
July 10, 2020

Rewterz Threat Alert – Powerful Conti Ransomware

Severity High Analysis Summary A new ransomware family packs multiple unique features, including to improve performance and give its operators the option to only target networked […]
July 10, 2020

Rewterz Threat Advisory – CVE-2020-3974 – VMware XPC Client validation privilege escalation vulnerability

Severity High Analysis Summary VMware Fusion, VMRC for Mac and Horizon Client for Mac contain a privilege escalation vulnerability due to improper XPC Client validation. Successful exploitation […]
July 10, 2020

Rewterz Threat Advisory – CVE-2020-1647 – Juniper Junos OS Double free vulnerability

Severity High Analysis Summary On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a […]
July 10, 2020

Rewterz Threat Advisory – CVE-2020-12025 – ICS: Rockwell Automation Logix Designer Studio 5000

Severity Low Analysis Summary Logix Designer Studio 5000 uses a third-party XML parser that natively accepts AML and RDF files from any external entity. If exploited […]
July 10, 2020

Rewterz Threat Advisory – ICS: Phoenix Contact Automation Worx Software Suite

Severity Medium Analysis Summary CVE-2020-12497 Due to insufficient input data validation while processing project files the buffer could be overflown. An attacker could use a specially […]
