

Severity
High
Analysis Summary
APT C-35 (also known as Donot Team) has been actively dropping malicious files that use template injection. The group has a history of attacking Pakistani government officials and military personnel and has been linked to India. It previously targeted Pakistani Android mobile users with Android malware named StealJob, delivered by phishing under the name "Kashmiri Voice". The attackers hunt for confidential information and intellectual property. Their targets include countries in South Asia, in particular the state sector of Pakistan.
Impact
Information theft and espionage
Indicators of Compromise
MD5
- a5e8367859bab0a9d7051587bef11fb4
SHA-256
- dc1bd94c1941dcfa69c5561959cec64c3f5b1c3c0738f66a33c320c0c4217030
SHA1
- 34a4c8517d1f55d3943a1041b4e203625f8f89f7
URL
- http[:]//firm[.]tplinkupdates[.]space/ujhsygdhgtsygbuehdthd
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
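One way to carry out the IOC search on collected documents, as an added example that is not part of the original advisory: it checks a file against the SHA-256 and URL host listed above and reports any remote template reference. It assumes the documents are OOXML (.docx) files in which a remote template appears as an external attachedTemplate relationship, which the advisory does not specify; the function names and the sample input are constructed for illustration.

```python
import hashlib, io, zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Indicators copied from the advisory; the URL stays defanged as published.
IOC_SHA256 = {"dc1bd94c1941dcfa69c5561959cec64c3f5b1c3c0738f66a33c320c0c4217030"}
IOC_URLS_DEFANGED = ["http[:]//firm[.]tplinkupdates[.]space/ujhsygdhgtsygbuehdthd"]
REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"

def refang(s: str) -> str:
    return s.replace("[:]", ":").replace("[.]", ".")

IOC_HOSTS = {urlparse(refang(u)).hostname for u in IOC_URLS_DEFANGED}

def external_templates(data: bytes) -> list:
    """Targets of external attachedTemplate relationships in an OOXML file."""
    found = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:      # not an OOXML container (e.g. RTF, legacy .doc)
        return found
    with zf:
        for name in (n for n in zf.namelist() if n.endswith(".rels")):
            try:
                root = ET.fromstring(zf.read(name))
            except ET.ParseError:   # malformed part: skip it, keep scanning
                continue
            for rel in root.iter(REL_TAG):
                if (rel.get("Type", "").endswith("/attachedTemplate")
                        and rel.get("TargetMode") == "External"):
                    found.append(rel.get("Target", ""))
    return found

def triage(data: bytes) -> dict:
    """Check one file against the advisory hash and host, and list remote templates."""
    targets = external_templates(data)
    hosts = {urlparse(t).hostname for t in targets}
    return {"sha256_match": hashlib.sha256(data).hexdigest() in IOC_SHA256,
            "external_templates": targets,
            "ioc_host_match": bool(hosts & IOC_HOSTS)}

def build_sample(target: str) -> bytes:
    """Constructed input: a zip holding only a settings.xml.rels part."""
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/'
            f'2006/relationships/attachedTemplate" Target="{target}" TargetMode="External"/>'
            '</Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()
```

Any external template target is worth reviewing even when it does not match the listed host, since the hash and URL cover only the sample described here.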