Rewterz Threat Update – Data Stolen from Central Bank of Russia leaked by Anonymous – Russian-Ukrainian Cyber Warfare

March 28, 2022

Rewterz Threat Advisory – CVE-2022-22374 – IBM POWER9 Vulnerability

March 28, 2022

Rewterz Threat Advisory – CVE-2022-1040 – Sophos Firewall Vulnerability

March 28, 2022

Severity

High

Analysis Summary

CVE-2022-1040

An authentication bypass vulnerability allowing remote code execution was discovered in the User Portal and Webadmin of Sophos Firewall and responsibly disclosed to Sophos. It was reported via the Sophos bug bounty program by an external security researcher. The vulnerability has been fixed.

There is no action required for Sophos Firewall customers with the “Allow automatic installation of hotfixes” feature enabled. Enabled is the default setting

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2022-1040

Affected Vendors

Sophos

Affected Products

Sophos Firewall v18.5 MR3 (18.5.3) and older

Remediation

Refer to Sophos Security Advisory for patch, upgrade, or suggested workaround information.

Sophos Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

DarkTortilla Malware – Active IOCs

Operation RoundPress: APT28 Exploits Zero-Day in Global Espionage Campaign – Active IOCs

New Multi-Stage .NET Loader Targets Windows Systems to Deliver Malicious Payloads – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Update – Data Stolen from Central Bank of Russia leaked by Anonymous – Russian-Ukrainian Cyber Warfare

Rewterz Threat Advisory – CVE-2022-22374 – IBM POWER9 Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.