Rewterz Threat Update – LAPSUS$/DEV-0537 Group Targeting Organizations

March 24, 2022

Rewterz Threat Update – Central Bank of Russia hacked by Anonymous – Allegedly

March 25, 2022

Rewterz Threat Advisory – Multiple Apache Traffic Server Vulnerabilities

March 25, 2022

Severity

High

Analysis Summary

CVE-2021-44040

Apache Traffic Server could allow a remote attacker to bypass security restrictions, caused by improper validation of user-supplied input when parsing request lines. An attacker could exploit this vulnerability to send invalid requests.

CVE-2021-44759

Apache Traffic Server is vulnerable to a man-in-the-middle attack, caused by improper authentication in TLS origin validation. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.

Impact

Unauthorized Access
Security Bypass

Indicator Of Compromise

CVE

CVE-2021-44040
CVE-2021-44759

Affected Vendors

Apache

Affected Products

Apache Traffic Server 8.0.0
Apache Traffic Server 8.1.0

Remediation

Upgrade to the latest version of Apache Traffic Server, available from the Apache Web site.

Apache Web site

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Update – LAPSUS$/DEV-0537 Group Targeting Organizations

Rewterz Threat Update – Central Bank of Russia hacked by Anonymous – Allegedly