March 11, 2025

March 11, 2025

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 11, 2025

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

Rewterz Threat Advisory – Multiple Jenkins OpenID Plugin Vulnerabilities

January 30, 2023

Rewterz Threat Advisory – Multiple Jenkins BearyChat Plugin Vulnerabilities

January 30, 2023

Rewterz Threat Advisory – Multiple Jenkins RabbitMQ Consumer Plugin Vulnerabilities

January 30, 2023

Severity

Medium

Analysis Summary

CVE-2023-24448 CVSS:4.3

Jenkins RabbitMQ Consumer Plugin could allow a remote authenticated attacker to bypass security restrictions, caused by not perform a permission check in a method implementing form validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to connect to an attacker-specified AMQP server.

CVE-2023-24447 CVSS:4.3

Jenkins JIRA Pipeline Steps Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to connect to an attacker-specified AMQP server. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Impact

Security Bypass
Unauthorized Access

Indicators Of Compromise

CVE

CVE-2023-24448
CVE-2023-24447

Affected Vendors

Jenkins

Affected Products

Jenkins RabbitMQ Consumer Plugin 2.8

Remediation

Refer to Jenkins Security Advisory for patch, upgrade or suggested workaround information.

Jenkins Security Advisory

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, the Middle East, and Africa – Active IOCs

Strela Stealer Malware Targets Microsoft Outlook Users for Credential Theft – Active IOCs

EncryptHub: A Multi-Stage Malware Breach Impacting 600 Organizations – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Jenkins OpenID Plugin Vulnerabilities

Rewterz Threat Advisory – Multiple Jenkins BearyChat Plugin Vulnerabilities