Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

July 26, 2023

Rewterz Threat Advisory – CVE-2023-20891 – VMware Tanzu Application Service for VMs and Isolation Segment Vulnerability

July 26, 2023

Rewterz Threat Advisory – ICS: Johnson Controls IQ Vulnerability

July 26, 2023

Severity

High

Analysis Summary

CVE-2023-3548

Johnson Controls IQ Wifi 6 could allow a remote attacker to bypass security restrictions, caused by improper restriction of excessive authentication attempts. By utilize brute force attack techniques, an attacker could exploit this vulnerability to gain unauthorized account access.

Impact

Security Bypass

Indicators Of Compromise

CVE

CVE-2023-22023

Affected Vendors

Johnson Controls

Affected Products

Johnson Controls IQ Wifi 6 2.0.1

Remediation

Refer to Johnson Controls Security Advisory for patch, upgrade or suggested workaround information.

Johnson Controls Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-20891 – VMware Tanzu Application Service for VMs and Isolation Segment Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.