March 9, 2025

March 9, 2025

Hackers Exploiting x86-64 Binaries on Apple Silicon to Distribute macOS Malware

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 8, 2025

Lumma Stealer Malware aka LummaC – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 7, 2025

Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 9, 2025

Hackers Exploiting x86-64 Binaries on Apple Silicon to Distribute macOS Malware

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 8, 2025

Lumma Stealer Malware aka LummaC – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

March 7, 2025

Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

Rewterz Threat Alert – New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

October 23, 2019

Rewterz Threat Alert – MedusaLocker Ransomware Infecting Victims Worldwide

October 23, 2019

Rewterz Threat Alert – Lazarus APT Group Drops Malicious PowerShell Scripts – IoCs

October 23, 2019

Severity

High

Analysis Summary

Fresh attack samples have been retrieved which are suspected to be from the Lazarus APT group. The threat actor is dropping malicious PowerShell script through embedded macros.

Impact

Unauthorized System Access
Credential Theft
Theft of Sensitive Information

Indicators of Compromise

MD5

6850189bbf5191a76761ab20f7c630ef
601b672f7139615f925a2eec792aa9d5
bac54e7199bd85afa5493e36d3f193d2

SHA256

a7ff0dfc2456baa80e6291619e0ca480cc8f071f42845eb8316483e077947339
735365ef9aa6cca946cfef9a4b85f68e7f9f03011da0cf5f5ab517a381e40d02
6f7a5f1d52d3bfc6f175bf2bbb665e4bd99b0453e2d2e27712fe9b71c55962dc

SHA1

b512698ecc9bd603d02e9b6a7e1b7b67ba642a42
0b12e7f03248f8ecef86ce2c6f75d2d30555608c
428f1ef151ef6b60e345a5cb72204f32c34745b4

URL

hxxps://crabbedly[.]club/board.php
hxxps://craypot[.]live/board.php
hxxps://indagator[.]club/board.php

Remediation

Block the threat indicators at their respective controls.
Do not download files from untrusted sources and do not enable macros.
Keep all systems and software updated and patched to latest secure versions.
Implement employee awareness programs warning against phishing, social engineering and malvertising attacks.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Hackers Exploiting x86-64 Binaries on Apple Silicon to Distribute macOS Malware

Lumma Stealer Malware aka LummaC – Active IOCs

Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Hackers Exploiting x86-64 Binaries on Apple Silicon to Distribute macOS Malware

Lumma Stealer Malware aka LummaC – Active IOCs

Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – New CPDoS Web Cache Poisoning Attacks Impact Sites Using Popular CDNs

Rewterz Threat Alert – MedusaLocker Ransomware Infecting Victims Worldwide