Threat Advisory

October 2, 2022

Rewterz Threat Alert – REvil Ransomware – Active IOCs

Severity: High. Analysis Summary: REvil (also known as Sodinokibi) is a Ransomware-as-a-Service (RaaS). The first REvil attack occurred in mid-April 2019 and attracted huge attention […]
October 2, 2022

Rewterz Threat Alert – Phobos Ransomware – Active IOCs

Severity: High. Analysis Summary: Phobos Ransomware is based on the Dharma malware that first appeared at the beginning of 2019. It spreads into several systems via […]
October 2, 2022

Rewterz Threat Alert – Witchetty APT Group Hides Backdoor Malware In Windows Logo – Active IOCs

Severity: High. Analysis Summary: Researchers discovered the Witchetty cyber espionage threat actor group, which employs steganography to conceal backdoor malware in the Windows logo in its latest campaign. […]
October 2, 2022

Rewterz Threat Alert – Chaos Ransomware – Active IOCs

Severity: High. Analysis Summary: Chaos is a customizable ransomware builder that emerged on June 9, 2021 (in underground forums), falsely marketing itself as the .NET […]
October 2, 2022

Rewterz Threat Alert – WannaCry Ransomware – Active IOCs

Severity: High. Analysis Summary: WannaCry, also called WCry or WanaCrptor, is ransomware that can encrypt all your data files and demands a payment to […]
October 2, 2022

Rewterz Threat Alert – DangerousPassword APT Group – Active IOCs

Severity: High. Analysis Summary: DangerousPassword is a Chinese APT group that targets cryptocurrency companies. Found in 2018, the threat group uses decoy files with topics like […]
October 2, 2022

Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs

Severity: High. Analysis Summary: DCRat, a Russian backdoor, was initially introduced in 2018 but rebuilt and relaunched a year later. The DCRat backdoor appears to […]
October 2, 2022

Rewterz Threat Update – Microsoft Exchange Zero-Day Actively Exploited In The Wild

Severity: High. Analysis Summary: Microsoft verified that two zero-day vulnerabilities in Microsoft Exchange discovered by GTSC researchers are being actively exploited in the wild. The IT giant has […]
October 2, 2022

Rewterz Threat Advisory – CVE-2022-20856 – Cisco IOS XE Wireless Controller Software for the Catalyst Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-20856 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility is vulnerable to a denial of service, caused […]
October 2, 2022

Rewterz Threat Advisory – CVE-2022-20844 – Cisco Software-Defined Application Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-20844 Cisco Software-Defined Application Visibility and Control on Cisco vManage could allow a remote attacker to obtain sensitive information, caused by a […]
October 1, 2022

Rewterz Threat Advisory – CVE-2022-20810 – Cisco IOS XE Wireless Controller Software Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-20810 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow a remote attacker to obtain sensitive information, caused […]
October 1, 2022

Rewterz Threat Advisory – CVE-2022-20662 – Cisco Duo for macOS Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-20662 Cisco Duo for macOS could allow a local attacker to bypass security restrictions, caused by the assigned user of a smart […]
October 1, 2022

Rewterz Threat Advisory – CVE-2022-35280 – IBM Robotic Process Automation Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-35280 IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require users to have strong passwords by default, which makes […]
October 1, 2022

Rewterz Threat Advisory – Node.js react-native-reanimated module Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-24373 Node.js react-native-reanimated module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in […]
October 1, 2022

Rewterz Threat Advisory – Node.js css-what module Vulnerability

Severity: Medium. Analysis Summary: CVE-2022-21222 (CVSS: 5.3) Node.js css-what module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in […]
October 1, 2022

Rewterz Threat Advisory – Multiple Google Chrome V8 Vulnerabilities

Severity: High. Analysis Summary: CVE-2022-3373 (CVSS: 8.8) Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in […]
October 1, 2022

Rewterz Threat Advisory – Multiple SolarWinds Orion Platform Vulnerabilities

Severity: High. Analysis Summary: CVE-2022-36965 (CVSS: 7.5) SolarWinds Orion Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the QoE application input field. […]
September 30, 2022

Rewterz Threat Advisory – Microsoft Exchange Zero-Day Actively Exploited In The Wild

Severity: High. Analysis Summary: Microsoft verified that two zero-day vulnerabilities in Microsoft Exchange discovered by GTSC researchers are being actively exploited in the wild. The IT giant has […]
September 30, 2022

Rewterz Threat Alert – Phobos Ransomware – Active IOCs

Severity: High. Analysis Summary: Phobos Ransomware is based on the Dharma malware that first appeared at the beginning of 2019. It spreads into several systems via […]
September 30, 2022

Rewterz Threat Alert – Sophisticated Covert Attack Campaign Targeting Military Contractors – Active IOCs

Severity: High. Analysis Summary: A recent cyberattack campaign that may have been motivated by cyber espionage targeted many military and weapons contractor businesses using spear-phishing emails […]
September 30, 2022

Rewterz Threat Alert – Threat Actors From Brazil’s Prilex Group Resurfaced With Sophisticated Point-of-Sale (PoS) Malware

Severity: High. Analysis Summary: Prilex, a Brazilian threat actor, has emerged with advanced and sophisticated malware designed to steal money through fraudulent transactions. These threat actors have […]
September 30, 2022

Rewterz Threat Alert – APT SideWinder Group – Active IOCs

Severity: High. Analysis Summary: SideWinder is a suspected Indian threat actor group that has been active since 2012. They have been observed attacking political, military, and […]
September 30, 2022

Rewterz Threat Alert – APT-28 FancyBear – Active IOCs

Severity: High. Analysis Summary: APT28 is one of Russia’s longest-running APTs and its operations date back to at least 2007. The group supports Russia in their […]
September 30, 2022

Rewterz Threat Alert – LokiBot Malware – Active IOCs

Severity: Medium. Analysis Summary: In early 2016, LokiBot was originally made available on underground forums for cybercriminals to use against Microsoft Android phones. This malware steals […]