APT Group Gamaredon aka Shuckworm – Active IOCs

June 14, 2024

CVE-2024-32896 – Google Android Vulnerability Exploit in the Wild

June 14, 2024

ICS: Siemens SIMATIC Vulnerability

June 14, 2024

Severity

High

Analysis Summary

CVE-2023-50763

Siemens SIMATIC CP, SIPLUS ET, TIM are vulnerable to a denial of service, caused by an infinite loop when processing incomplete certificate chains. By persuading a victim to parse a specially crafted certificate file, a remote attacker could exploit this vulnerability to cause a denial of service.

Impact

Denial of Service

Indicators of Compromise

CVE

CVE-2023-50763

Affected Vendors

Siemens

Affected Products

Siemens SIMATIC CP 1542SP-1
Siemens SIMATIC CP 1543SP-1
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL
Siemens SIPLUS TIM 1531 IRC
Siemens TIM 1531 IRC

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Microsoft Entra Account Lockouts Triggered by Token Logging Error

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

SideWinder APT Group aka Rattlesnake – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

APT Group Gamaredon aka Shuckworm – Active IOCs

CVE-2024-32896 – Google Android Vulnerability Exploit in the Wild

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.