Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

November 23, 2022

Rewterz Threat Advisory – CVE-2022-40752 – IBM InfoSphere DataStage Vulnerability

November 23, 2022

Rewterz Threat Advisory – CVE-2022-40228 – IBM DataPower Gateway Vulnerability

November 23, 2022

Severity

Low

Analysis Summary

CVE-2022-40228

IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 through 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system.

Impact

Privilege Escalation

Indicators Of Compromise

CVE

CVE-2022-40228

Affected Vendors

IBM

Affected Products

IBM DataPower Gateway 2018.4.1.0
IBM DataPower Gateway 10.0.1.0
IBM DataPower Gateway 10.0.3.0
IBM DataPower Gateway 10.0.4.0

Remediation

Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information.

IBM Security Bulletin

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs

Rewterz Threat Advisory – CVE-2022-40752 – IBM InfoSphere DataStage Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.