Threat Intelligence

Customer Awareness Advisory

Deepwatch Threat Intel Teams' open-source analysis provides our assessment, mitigation, and recommendations for the latest critical threats and vulnerabilities.

Voice Phishing’s Success with Resetting Single Sign-on Portal Passwords Sees Sudden Surge

NetScaler ADC and Gateway CVE-2023-3519 Actively Exploited

Customer Advisory: Awareness | Storm-0978 (RomCom): Cyber-espionage Campaign Targeting NATO Talks, Exploiting CVE-2023-36884

Customer Advisory: Awareness | Threat Actors Exploiting Critical Vulnerability (CVE-2023-27997) in FortiOS and FortiProxy

Customer Advisory: Awareness | Deepwatch Observes Unauthenticated Remote Code Execution Vulnerability Exploitation in Avaya Aura Device Services

Customer Advisory | 3CX Suffers Supply Chain Attack: Electron Windows App Drops an Unknown Infostealer

Customer Advisory | Threat Actors Exploited Microsoft Outlook for Windows (CVE-2023-23397) as Early as April 2022

PoC Exploit Released for Critical Windows Word Vulnerability CVE-2023-21716

Customer Advisory | Threat Actors Actively Exploiting ManageEngine Vulnerability CVE-2022-47966

Customer Advisory: Citrix ADC and Citrix Gateway Critical Vulnerability (CVE-2022-27518) Actively Exploited

Customer Advisory: FortiOS SSL-VPN Vulnerability (CVE-2022-42475) Exploited in the Wild

Customer Advisory: Adversaries Are Scanning For and Exploiting Text4Shell Vulnerability (CVE-2022-42889)

Customer Advisory | Microsoft Exchange Zero-day Vulnerabilities CVE-2022-41040 and CVE-2022-41082, Actively Exploited

Customer Advisory | Exploit Code Released for Critical Vulnerability, CVE-2022-27255, Affecting Thousands of Routers

Customer Advisory | Microsoft’s Support Diagnostic Tool Vulnerability, AKA DogWalk, Actively Exploited

Customer Advisory | Brace for Exploitation; Hardcoded Password for Questions for Confluence App Leaked

Customer Advisory | Splunk Critical Vulnerability

Customer Advisory | Critical RCE Vulnerability in Atlassian’s Confluence Server and Data Center Actively Exploited

Customer Advisory | Microsoft Office Used to Exploit “Follina” (CVE-2022-30190) an RCE Vulnerability in Microsoft’s Support Diagnostic Tool

Customer Advisory | Critical Vulnerability in Zyxel Firewalls and VPNs Actively Exploited

Customer Advisory | Exploit Code Released for Critical RCE Vulnerability in F5s BIG-IP

Customer Advisory | Threat Actors Exploiting Critical WSO2 Vulnerability

Customer Advisory | Threat Actors Exploiting Critical VMWare Vulnerability

Customer Advisory | Spring4Shell: What You Need to Know

Customer Advisory | President Warns of Russian Government Exploring Options for Cyber Attacks

Customer Advisory | Linux Vulnerability: Dirty Pipe Has Exploit Code Released

Customer Advisory | NVIDIA Confirms Data Was Stolen as Lapsus$ Takes Credit

Customer Advisory | Cyber Attacks in Ukraine: What You Need to Know

Customer Advisory | Exploit Code Released for Critical Cisco Vulnerability: CVE-2022-20699

Customer Advisory | Critical 0-Day Vulnerability in Adobe Commerce and Magento Open Source Platforms Under Active Exploitation

Customer Advisory | Exploit Code Released for Windows 10 Vulnerability: CVE-2022-21882

Customer Advisory | PwnKit: Exploit Released for Polkit’s pkexec Component

Customer Advisory | Exploit Code Released for CVE-2022-21907: Critical Windows HTTP Vulnerability

Customer Advisory for Awareness | Grafana Issues a Security Patch After an Exploit for CVE-2021-43798 is Made Public

Customer Advisory for Awareness | With an Active Campaign Against ServiceDesk Plus, APT Expands Attack on ManageEngine

Customer Advisory for Awareness | Zero-Day Disclosed in Palo Alto Networks GlobalProtect VPN (CVE-2021-3064)

Customer Advisory for Awareness | Apache HTTP Server Actively Exploited, Patch is Available, Patch Now!

Customer Advisory for Awareness | CISA, FBI, and NSA Issue Joint Advisory Regarding Increased Conti Ransomware Attacks

Customer Advisory for Awareness | Microsoft Warns of New RCE Zero-Day Exploited in Targeted Office Attacks

Customer Advisory for Awareness | Confluence Enterprise Server & Data Center are Being Actively Exploited

Customer Advisory for Awareness | Azure Cosmos DB Flaw Could Allow for Complete Database Compromise

Customer Awareness: Windows Print Spooler RCE Vulnerability CVE-2021-36958

PetitPotam NTLM Relay Attack

CVE-2021-33909 & CVE-2021-33910 – Long Path Name in Mountpoint Flaws in the Kernel and Systemd

U.S. Federal Cybersecurity Advisory: TTPs of Chinese State-Sponsored Cyber Operations

Kaseya VSA Compromise – REvil Ransomware Attack

CVE-2021-1675 – PrintNightmare Vulnerability

CVE-2021-3044 Vulnerability: Cortex XSOAR

CVE-2021-21985 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation

CVE-2021-22893 – Pulse Secure VPN Zero-Day & Active Exploits

Microsoft Exchange Server Zero-Days

Chasing Silver Sparrow: Keeping an Eye on the Mysterious macOS Malware

CVE-2021-21972 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation

Windows Event 4688 – Part I – Eh to Excellent

SolarWinds Attack – Part II – Is MITRE ATT&CK Falken’s Maze?

Sudo Vulnerability

SolarWinds Attack – Part I – From Infrastructure to Endpoint

Summary of Deepwatch’s Actions in Response to Sunburst IOC

Oracle WebLogic Vulnerability

ZeroLogon Threat Review

Bad Neighbor Vulnerability

Zerologon Vulnerability

BootHole Vulnerability SPOT Report

SAP RECON Vulnerability

F5 Networks BIG-IP Vulnerabilities

SPOT Report – Palo Alto Networks Authentication Bypass

Palo Alto Networks & Cisco Kerberos Authentication Bypass

SPOT Report – Zoom Zero-Day

SPOT Report – Apache Tomcat – GhostCat

SPOT Report – Cisco – CDPwn Vulnerabilities

SPOT Report – Microsoft Crypt32 Certificate Validation flaw

SPOT Report – Citrix ADC & Gateway Vulnerability

SPOT Report – Imperva Security Breach

Seven Monkeys Vulnerability – SPOT Report – August 2019 Patch Tuesday

SPOT Report – WebLogic Remote Code Execution

SPOT Report – SACK Vulnerabilities

SPOT Report – ZombieLoad

SPOT Report – Patch Tuesday Vulnerabilities

SPOT Report – Cisco – Thrangrycat

SPOT Report – Oracle WebLogic Remote Code Execution CVE-2019-2725

1-day Vulnerabilities: The Limits of Following the Patch Tuesday Cycle

Google Chrome FileReader Vulnerability

Runc Docker Vulnerability

MS Exchange Privilege Escalation Attack

DNS Infrastructure Hijacking Campaign

IE – Scripting Engine Memory Corruption Vulnerability CVE-2018-8653

Zoom Desktop Conferencing CVE-2018-15715
