February 17, 2025

February 17, 2025

Remcos RAT – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

February 12, 2025

Multiple Dell BSAFE SSL-J Vulnerabilities

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

February 12, 2025

Multiple Microsoft Windows Vulnerabilities Exploit in the Wild

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

February 17, 2025

Remcos RAT – Active IOCs

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

February 12, 2025

Multiple Dell BSAFE SSL-J Vulnerabilities

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

February 12, 2025

Multiple Microsoft Windows Vulnerabilities Exploit in the Wild

Proactive Defense: The Importance of Incident Response Planning in Cybersecurity

Rewterz Threat Alert – Maze ransomware – IOCs

December 23, 2019

Rewterz Threat Advisory – CVE-2019-19781 – Citrix Application Delivery Controller and Citrix Gateway RCE Vulnerability

December 24, 2019

Rewterz Threat Alert – OilRig targets LANDesk Agent users via PowDesk

December 24, 2019

Severity

High

Analysis Summary

New PowerShell-based malware resembles QUADAGENT. PowDesk checks for the presence of LANDesk Agent folder and service before C&C beacon.

Oilrig keep focusing on the IT supply chain domain, now via LANDesk agent.

Impact

Exposure of sensitive information

Indicators of Compromise

SHA-256

8406ca490c60ec41569b35f31f1860ff4663bba44d1daac64760ecdfe694203d

URL

http[:]//lcepos[.]com/php/reclaimlandesk[.]php

Remediation

Block all threat indicators at your respective controls.
Always be suspicious about emails sent by unknown senders.
Never click on the links/attachment sent by unknown senders.

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Remcos RAT – Active IOCs

Multiple Dell BSAFE SSL-J Vulnerabilities

Multiple Microsoft Windows Vulnerabilities Exploit in the Wild

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Remcos RAT – Active IOCs

Multiple Dell BSAFE SSL-J Vulnerabilities

Multiple Microsoft Windows Vulnerabilities Exploit in the Wild

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Maze ransomware – IOCs

Rewterz Threat Advisory – CVE-2019-19781 – Citrix Application Delivery Controller and Citrix Gateway RCE Vulnerability