Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

July 24, 2023

Rewterz Threat Alert – China-linked Group APT41 Targets Mobile Devices With New WyrmSpy and DragonEgg Spyware – Active IOCs

July 24, 2023

Rewterz Threat Advisory – CVE-2023-3446 – OpenSSL Vulnerability

July 24, 2023

Severity

Low

Analysis Summary

CVE-2023-3446

OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DH_check(), DH_check_ex() or EVP_PKEY_param_check() functions to check a DH key or DH parameters. By sending a specially crafted request using long DH keys or parameters, a remote attacker could exploit this vulnerability to cause long delays, and results in a denial of service condition.

Impact

Denial of Service

Indicators Of Compromise

CVE

CVE-2023-3446

Affected Vendors

OpenSSL

Affected Products

OpenSSL 1.1.1
OpenSSL 1.0.2
OpenSSL 3.1.0
OpenSSL 3.1.1

Remediation

Refer to OpenSSL Security Advisory for patch, upgrade or suggested workaround information.

OpenSSL Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

DslogdRAT Deployed via Ivanti Connect Secure Exploit – Active IOCs

SAP NetWeaver Zero-Day Enables Webshell Deployment – Active IOCs

CVE-2025-31324 – SAP NetWeaver Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs

Rewterz Threat Alert – China-linked Group APT41 Targets Mobile Devices With New WyrmSpy and DragonEgg Spyware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.