Rewterz

Rewterz Threat Alert – Trickbot Updated with Nworm

June 1, 2020
Rewterz

Rewterz Threat Alert – AgentTesla Delivered via a Malicious PowerPoint Add-In

June 1, 2020

Rewterz Threat Advisory – IBM Business Automation Workflow and IBM Business Process Manager

Severity

Low

Analysis Summary

IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site.

Impact

Security bypass

Affected Vendors

IBM

Affected Products

  • IBM Business Process Manager Advanced
  • IBM Business Automation Workflow

Remediation

Refer to IBM Security Bulletin 6217550 for complete list off products and upgraded patches.

https://www.ibm.com/support/pages/node/6217550

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.