Rewterz Threat Alert – Latest Update Regarding JSOutProx Malware and Its Impact on Financial Institutions – Active IOCs

October 6, 2023

Rewterz Threat Alert -Tofsee Malware – Active IOCs

October 9, 2023

Rewterz Threat Advisory – CVE-2023-25606 – Fortinet FortiAnalyzer and FortiManager Vulnerability

October 9, 2023

Severity

Medium

Analysis Summary

CVE-2023-25606

Fortinet FortiAnalyzer and FortiManager could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.

Impact

Information Theft

Indicators Of Compromise

CVE

CVE-2023-25606

Affected Vendors

Fortinet

Affected Products

Fortinet FortiManager 7.0.0
Fortinet FortiAnalyzer 7.0.0
Fortinet FortiManager 6.4.0
Fortinet FortiAnalyzer 7.2.0

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

FortiGuard Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs

F5 BIG-IP Exploit Allows Attackers to Escape Admin Restrictions

Multiple F5 BIG-IP Products Vulnerabilities

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Latest Update Regarding JSOutProx Malware and Its Impact on Financial Institutions – Active IOCs

Rewterz Threat Alert -Tofsee Malware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.