Threat Advisory

October 13, 2021

Rewterz Threat Advisory – Multiple Adobe Acrobat and Adobe Reader Vulnerabilities

Severity High Analysis Summary CVE-2021-40728  Adobe Acrobat and Adobe Reader could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free […]
October 13, 2021

Rewterz Threat Advisory – Multiple Microsoft Security Vulnerabilities

Severity High Analysis Summary CVE-2021-40449  Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the […]
October 13, 2021

Rewterz Threat Advisory – ICS: Siemens SINEC NMS and SIMATIC

Severity Medium Analysis Summary CVE-2021-33727  Siemens SINEC NMS could allow a remote authenticated attacker to obtain sensitive information, caused by improper validation of user-supplied input. By […]
October 13, 2021

Rewterz Threat Advisory – ICS: Advantech WebAccess SCADA

Severity Medium Analysis Summary CVE-2021-38431 An authenticated user can use API functions to disclose project names and paths from other users. Impact Unauthorized Access Affected Vendors […]
October 13, 2021

Rewterz Threat Advisory – ICS: Schneider Electric IGSS

Severity High Analysis Summary CVE-2021-22802 The affected product is vulnerable to remote code execution, due to missing length check on user-supplied data, when a constructed message […]
October 13, 2021

Rewterz Threat Advisory – Multiple VMware vRealize Vulnerabilities

Severity Medium Analysis Summary CVE-2021-22033 A malicious actor with administrative access to vRealize Operations can enumerate internal IPs and internal ports. CVE-2021-22035 An authenticated malicious actor with non-administrative […]
October 12, 2021

Rewterz Threat Alert – Lazarus APT Group – Active IOCs

Severity High Analysis Summary Following samples of Lazarus group aka Guardians of Peace, a state-sponsored North Korean threat actor group targeting financial organizations for their gains […]
October 12, 2021

Rewterz Threat Alert – SNAKE Ransomware – Active IOCs

Severity High Analysis Summary SNAKE ransomware is targeting networks and aiming to encrypt all of the devices connected to them. The ransomware contains a level of […]
October 12, 2021

Rewterz Threat Alert – Orcus RAT – Active IOCs

Severity High Analysis Summary Orcus, known in the past few years as Schnorchel, is a Remote Access Trojan with some odd activity. This RAT enables attackers […]
October 12, 2021

Rewterz Threat Alert – HawkEye Infostealer – Active IOCs

Severity Medium Analysis Summary HawkEye, primarily an infostealer, has additional capabilities such as bypassing of AV systems and keylogging. A spear-phishing campaign is detected using malicious […]
October 12, 2021

Rewterz Threat Alert – DanaBot Trojan – Active IOCs

Severity High Analysis Summary The new fourth version of the DanaBot banking trojan has surfaced after months of inactivity. This most recent variant comes packed mostly […]
October 12, 2021

Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs

Severity High Analysis Summary An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit card numbers, […]
October 12, 2021

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary A new AgentTesla campaign is seen targeting victims with malspam. AgentTesla is known for stealing data from different applications on victim machines, […]
October 12, 2021

Rewterz Threat Advisory – Multiple Apache OpenOffice Vulnerabilities

Severity Medium Analysis Summary CVE-2021-41832  Apache OpenOffice could provide weaker than expected security. By persuading a victim to open a specially crafted file, an attacker could […]
October 12, 2021

Rewterz Threat Advisory – CVE-2021-30883 – Apple iOS and iPadOS

Severity High Analysis Summary CVE-2021-30883  Apple iOS and iPadOS could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption […]
October 12, 2021

Rewterz Threat Advisory – CVE-2021-41117 – Node.js keypair module

Severity High Analysis Summary CVE-2021-41117 Node.js keypair module could allow a remote attacker to obtain sensitive information, caused by a weak RSA key generation flaw in […]
October 11, 2021

Rewterz Threat Alert – APT-C-41 StrongPity – Active IOCs

Severity High Analysis Summary The APT group known as StrongPity is back with a new campaign targeting users in different regions. The group has previously targeted […]
October 11, 2021

Rewterz Threat Alert – Lazarus APT Group – Active IOCs

Severity High Analysis Summary Following samples of Lazarus group aka Guardians of Peace, a state-sponsored North Korean threat actor group targeting financial organizations for their gains […]
October 11, 2021

Rewterz Threat Alert – Cerberus Banking Trojan – Active IOCs

Severity Medium Analysis Summary A recent analysis of the Cerberus banking Trojan, performed by Anomali, delves into its current capabilities, including the current malware-as-a-service activity associated […]
October 11, 2021

Rewterz Threat Alert – Agent Anubis Malware – Active IOCs

Severity High Analysis Summary A new info-stealing malware called Anubis was first observed in the cybercriminal underground. The malware uses forked code from Loki to steal […]
October 11, 2021

Rewterz Threat Alert – Amadey Botnet – Active IOCs

Severity Medium Analysis Summary Amadey infects a victim’s computer and incorporates it into a botnet. The Amadey trojan can also download additional malware and exfiltrate user […]
October 11, 2021

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary A new AgentTesla campaign is seen targeting victims with malspam. AgentTesla is known for stealing data from different applications on victim machines, […]
October 11, 2021

Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs

Severity High Analysis Summary An emergent and effective data-harvesting tool dubbed Oski is proliferating in North America and China, stealing online account credentials, credit card numbers, […]
October 11, 2021

Rewterz Threat Alert – AZORult Malware – Active IOCs

Severity High Analysis Summary AZORult is a payment card and credential information stealer. It was sold on Russian underground forums as a means to collect sensitive […]
