Threat Advisory

April 9, 2021

Rewterz Threat Advisory – Multi Cisco Product Vulnerabilities

Severity: High. Analysis Summary: CVE-2021-1386 – A local authenticated attacker could execute arbitrary code on the system using a specially-crafted DLL file; an attacker could exploit this […]

April 9, 2021

Rewterz Threat Alert – AZORult Malware – Active IOCs

Severity: Medium. Analysis Summary: AZORult is a Trojan stealer that collects various data from infected computers and sends it to the C&C server, including browser history, […]

April 9, 2021

Rewterz Threat Advisory – CVE-2021-24027 – WhatsApp for Android and WhatsApp Business for Android information disclosure

Severity: Medium. Analysis Summary: CVE-2021-24027 – A local authenticated attacker could obtain information due to a cache configuration issue. By sending a specially-crafted request, an attacker […]

April 9, 2021

Rewterz Threat Advisory – CVE-2021-29154 – Linux Kernel privilege escalation

Severity: High. Analysis Summary: A local authenticated attacker could send a specially-crafted request to gain elevated privileges on the system, exploit this vulnerability and execute arbitrary […]

April 8, 2021

Rewterz Threat Advisory – CVE-2021-1459 – Cisco Small Business Routers command execution

Severity: High. Analysis Summary: CVE-2021-1459 – Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow a remote attacker to execute arbitrary commands on the system, […]

April 8, 2021

Rewterz Threat Advisory – CVE-2021-1479 – Cisco SD-WAN vManage Software buffer overflow

Severity: High. Analysis Summary: CVE-2021-1479 – Cisco SD-WAN vManage Software is vulnerable to a buffer overflow, caused by improper bounds checking. By sending a specially crafted connection […]

April 8, 2021

Rewterz Threat Advisory – CVE-2021-3483 – Linux Kernel code execution

Severity: High. Analysis Summary: CVE-2021-3483 – Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free flaw in nosy […]

April 8, 2021

Rewterz Threat Advisory – CVE-2021-1420 – Cisco Webex Meetings HTML Injection Vulnerability

Severity: Medium. Analysis Summary: CVE-2021-1420 – A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in […]

April 8, 2021

Rewterz Threat Advisory – Cisco SD-WAN vManage Software Vulnerabilities

Severity: High. Analysis Summary: CVE-2021-1137, CVE-2021-1479, CVE-2021-1480 – Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow […]

April 7, 2021

Rewterz Threat Alert – Nanocore – Active IoCs

Severity: Medium. Analysis Summary: NanoCore is a remote access tool (RAT). In most cases, this malware is distributed using spam email campaigns. Criminals send thousands of […]

April 7, 2021

Rewterz Threat Alert – LokiBot Malware – Active IOCs

Severity: Medium. Analysis Summary: Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then […]

April 7, 2021

Rewterz Threat Advisory – CVE-2021-28189 – ASUS BMC firmware denial of service

Severity: Medium. Analysis Summary: ASUS BMC firmware is vulnerable to a denial of service, caused by a buffer overflow in the SMTP configuration function in the […]

April 7, 2021

Rewterz Threat Advisory – Critical SAP Applications Under Active Attack

Severity: High. Analysis Summary: Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes. SAP […]

April 7, 2021

Rewterz Threat Alert – Malicious Covid-19 URLs

Severity: High. Analysis Summary: COVID-19 is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number […]

April 6, 2021

Rewterz Threat Alert – Donot APT group – IOCs

Severity: High. Analysis Summary: APT C-35 (aka Donot Team) has been actively dropping malicious files for template injection. The group has a history of attacking Pakistani […]

April 6, 2021

Rewterz Threat Alert – Formbook Malware – Active IoCs

Severity: Medium. Analysis Summary: FormBook is an information-stealer malware that has been active since 2016. The info-stealer malware’s capabilities include stealing credentials, capturing screenshots of the victim’s […]

April 6, 2021

Rewterz Threat Advisory – CVE-2021-22696 – Apache CXF denial of service

Severity: High. Analysis Summary: Apache CXF is vulnerable to a denial of service, caused by improper validation of the request_uri parameter by the OAuth 2 authorization service. […]

April 5, 2021

Rewterz Threat Alert – Lazarus APT Group – IOCs

Severity: High. Analysis Summary: The following samples of the Lazarus group, a state-sponsored threat actor targeting financial organizations for gain, show that it has been active again and is actively […]

April 5, 2021

Rewterz Threat Alert – Active Nanocore IoCs

Severity: Medium. Analysis Summary: NanoCore is a remote access tool (RAT). In most cases, this malware is distributed using spam email campaigns. Criminals send thousands of […]

April 5, 2021

Rewterz Threat Alert – LokiBot Malware – IOCs

Severity: Medium. Analysis Summary: Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then […]

April 3, 2021

Rewterz Threat Alert – Hancitor InfoStealer Using Cobalt Strike and Network Ping Tool

Severity: High. Analysis Summary: Hancitor is an information stealer and malware downloader commonly associated with threat group TA511. In recent months, this actor began using a […]

April 3, 2021

Rewterz Threat Advisory – APTs Actively Exploiting Fortinet VPN Security Vulnerabilities

Severity: High. Analysis Summary: Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying […]

April 2, 2021

Rewterz Threat Alert – IcedID banking Trojan – IOCs

Severity: High. Analysis Summary: The IcedID banking trojan first appeared in the threat landscape in 2017; it has capabilities similar to other financial threats like Gozi, Zeus, […]

April 2, 2021

Rewterz Threat Advisory – CVE-2021-21982 – VMware Carbon Black Cloud Workload appliance security bypass

Severity: High. Analysis Summary: CVE-2021-21982 – VMware Carbon Black Cloud Workload appliance could allow a remote attacker to bypass security restrictions, caused by the manipulation of a […]
