Rewterz Threat Alert – Eternity Stealer: Eternity Malware Project – Active IOCs

November 24, 2022

Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs

November 25, 2022

Rewterz Threat Advisory – CVE-2021-35246 – SolarWinds Engineer’s Toolset Vulnerability

November 25, 2022

Severity

Medium

Analysis Summary

CVE-2021-35246

SolarWinds Engineer’s Toolset could allow a remote attacker to obtain sensitive information, caused by an unprotected transport of credentials. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

Impact

Information Disclosure

Indicators Of Compromise

CVE

CVE-2021-35246

Affected Vendors

SolarWinds

Affected Products

SolarWinds Engineer’s Toolset 2020.2.6 HF4

Remediation

Upgrade to the latest version of Engineer’s Toolset, available from the SolarWinds Website.

SolarWinds Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Multiple Fortinet Products Vulnerabilities

TCESB Malware Emerges in Targeted Exploits Against ESET Security Tools – Active IOCs

PipeMagic Trojan Exploits CLFS Flaw in Windows for Ransomware Attacks

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – Eternity Stealer: Eternity Malware Project – Active IOCs

Rewterz Threat Alert – Shuckworm APT Group aka Armageddon – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.