Threat Intelligence

Cyber Intel Brief

Weekly reports provided from the Deepwatch Threat Intel Team to improve situational awareness and education on the latest cyber threats.

Filter by:

Cyber Intel Brief: April 04 – 10, 2024

CoralRaider Gets Social, VenomRAT Deployed by ScrubCrypt, and Nearly 50 New Data Leak Victims

Cyber Intel Brief: March 28 – April 03, 2024

WarzoneRAT is Back, Ransomware Has a New Agenda, XZ Backdoor Delivered by Trusted Source, and the Latest from Data Leak Sites

Cyber Intel Brief: March 21 – 27, 2024

Kimsuky Updates Playbook, Turla Backdoor Attack Chain Exposed, StrelaStealer Debuts, and MuddyWater Rises

Cyber Intel Brief: March 14 – 20, 2024

Latest Phishing Tactics and Techniques, ShadowSyndicate Scanning Servers, and Fake Google Docs Pages Deliver Azorult Infostealer

Cyber Intel Brief: March 07 – 13, 2024

Infostealer Circulated Through Facebook, Magnet Goblin Deploys Malware, PLUS 3 Common Post Network Device Tactics and eRAT

Cyber Intel Brief: February 29 – March 06, 2024

CISA Exposes Phobos Affiliates, New Attack Chain Steals NTLM, Plus Terminator and BABYSHARK

Cyber Intel Brief: February 22 – 28, 2024

Russian Turla Deploys New Arsenal, Attackers Exploit ScreenConnect to Deliver Malware, and Cozy Bear Goes Cloud

Cyber Intel Brief: February 15 – 21, 2024

TicTacToe Dropper Is No Game, No Malware Needed for Access to Government Victim, and Tycoon Group Offers New Phishing-as-a-Service

Cyber Intel Brief: February 8 – 14, 2024

CISA Warns of Chinese Pre-Positioning for Attacks, New Raspberry Robin Variant, Bumblebee and Pikabot Return, Ivanti Vulnerability Deploys Unknown Webshell, and Nearly 100 New Ransomware Victims in a Week.

Cyber Intel Brief: February 1 – 7, 2024

Another Ivanti Connect Secure and Policy Secure Vulnerability, Details on the Cloudflare Attack, a New Variant of Mispadu Stealer, and Valid Account Abuse Challenges.

Cyber Intel Brief: January 25 – 31, 2024

Fake Website Impersonates Apple Apps, Midnight Blizzard Attacks Microsoft, Publicly-exposed RDP Gets Data Stolen and Ransomware in Three Hours

Cyber Intel Brief: January 18 – 24, 2024

Androxgh0st Spooks Targets, Iranian APT Spear Phishing, North Korean ScarCruft Campaign Planning, and Critical Vulnerabilities in Confluence

Cyber Intel Brief: January 11 – 17, 2024

Github Abuses, Ivanti Connect Secure VPN Compromises, New Cloud Hacking Tool FBot, and Phemedrone Infostealer Targets Microsoft Windows Defender SmartScreen

Cyber Intel Brief: January 4 – 10, 2024

NVIDIA Executable for DLL Sideloading, Phishing with AsyncRAT, and Compromised YouTube Channels Spread Lumma Stealer

Cyber Intel Brief: December 27, 2023 – January 4, 2024

New qBit Infostealer, Cybercriminals Utilize Microsoft's App Installer to Deploy Malware, and a Google Exploit Restores Expired Cookies to Allow Persistent Access

Cyber Intel Brief: December 21 – 27, 2023

Phishing Campaign Uses DarkGate RAT and NetSupport, ATI OSINT and Diligence Pays Dividends, and For Crying Out Loud–Stop Using Microsoft Exchange Server 2013

Cyber Intel Brief: December 13 – 20, 2023

CozyBear Exploits JetBrains TeamCity, Qakbot Gets Regifted, Phishing Campaign Uses Publicly Available Tool Predator, and an Unexpected Gift from CISA

Cyber Intel Brief: December 7 – 13, 2023

Russian APT Star Blizzard, Growing Insider Threats, Escalating QR Code Phishing, and the More_Eggs Backdoor

Cyber Intel Brief: November 29 – December 6, 2023

New Nova Infostealer, Gh0st RAT Evolves, New Toolset Unleashed, and a Look at Microsoft Outlook Attack Vectors

Cyber Intel Brief: November 22 – 29, 2023

Diamond Sleet Rains Worldwide, Two New Web Shell Threats, New Botnet GoTitan Discovered, and Malware Shop Persian Remote World Sells RATS

Cyber Intel Brief: November 16 – 22, 2023

Scattered Spider Targets IT Help Desks, Compromised VPN Credentials Lead to Rhysida, and a New Phishing Campaign Delivers Darkgate/Pikabot

Cyber Intel Brief: November 08 – 15, 2023

Lace Tempest Storms Zero-day, Confluence Suffers Vulnerability, APT MuddyWater Evolves C2, and BatLoaders Spread Infostealers

Cyber Intel Brief: November 02 – 08, 2023

Critical Apache ActiveMQ Vulnerability, New Millenium RAT & AsyncRAT, Socks5Systemz Botnet, and Gootloader Adds Gootbot

Cyber Intel Brief: October 25 – November 01, 2023

APT Octo-Tempest Methods, StripedFly Malware, NetSupport Manager Compromises, and Threat Actors Bypassing MFA

Cyber Intel Brief: October 18 – 25, 2023

Vulnerability in JetBrains TeamCity Servers, Massive Attacks lead to Cryptomining and Backdoors, SSH Servers Offer Threat Actors Opportunities, and New Dual DLL Sideloading Technique Deploys QasarRat

Cyber Intel Brief: October 12 – 18, 2023

Darkgate Malware Hits Skype and Teams, ToddyCat APT Creates Backdoors, Ether-Hiding Technique Moves Malware to Blockchain, and Ransomware Data Leak Sites Continue to Add Victims

Cyber Intel Brief: October 05 – 11, 2023

Qakbot Actors Distribute Ransom Knight Ransomware, Storm-0324 Leverages Microsoft Teams to Distribute JSSLoader, a new APT Grayling Emerges, and Rhysida Ransomware Operators Leverage Valid VPN Credentials

Cyber Intel Brief: September 28 – October 03, 2023

BlackTech Compromises Routers, Lumma Sets Up On Over 150 Servers, Ransomware Groups Repeatedly Hitting Victims, New Malware-as-a-Service Bunnyloader Surfaces, and EvilProxy Phishing Targets Job Site Indeed

Cyber Intel Brief: September 21 – 27, 2023
Cyber Intel Brief: September 14 – 20, 2023
Cyber Intel Brief: September 07 – 13, 2023
Cyber Intel Brief: August 29 – September 06, 2023
Cyber Intel Brief: August 24 – 30, 2023
Cyber Intel Brief: August 16 – 23, 2023
Cyber Intel Brief: August 10 – 16, 2023
Cyber Intel Brief: August 02 – 09, 2023
Cyber Intel Brief: July 26 – August 02, 2023
Cyber Intel Brief: July 19 – 26, 2023
Cyber Intel Brief: July 12 – 19, 2023
Cyber Intel Brief: July 06 – 12, 2023
Cyber Intel Brief: June 29 – July 05, 2023
Cyber Intel Brief: June 22 – 28, 2023
Cyber Intel Brief: June 14 – 21, 2023
Cyber Intel Brief: June 08 – 14, 2023
Cyber Intel Brief: June 01 – 07, 2023
Cyber Intel Brief: May 24 – 31, 2023
Cyber Intel Brief: May 18 – 24, 2023
Cyber Intel Brief: May 11 – 17, 2023
Cyber Intel Brief: May 04 – 10, 2023
Cyber Intel Brief: April 27 – May 03, 2023
Cyber Intel Brief: April 19 – 26, 2023
Cyber Intel Brief: April 13 – 19, 2023
Cyber Intel Brief: April 06 – 12, 2023
Cyber Intel Brief: Mar 30 – April 05, 2023
Cyber Intel Brief: Mar 23 – 29, 2023
Cyber Intel Brief: Mar 16 – 22, 2023
Cyber Intel Brief: Mar 09 – 15, 2023
Cyber Intel Brief: Mar 02 – 08, 2023
Cyber Intel Brief: Feb 23 – Mar 01, 2023
Cyber Intel Brief: Feb 15 – 22, 2023
Cyber Intel Brief: Feb 09 – 15, 2023
Cyber Intel Brief: Feb 02 – 08, 2023
Cyber Intel Brief: Jan 25 – Feb 01, 2023
Cyber Intel Brief: Jan 19 – 25, 2023
Cyber Intel Brief: Jan 12 – 18, 2023
Cyber Intel Brief: Jan 5 – 11, 2023
Cyber Intel Brief: Dec 29, 2022 – Jan 4, 2023
Cyber Intel Brief: Dec 21 – 28, 2022
Cyber Intel Brief: Dec 15 – 21, 2022
Cyber Intel Brief: Dec 8 – 14, 2022
Cyber Intel Brief: Dec 1 – 7, 2022
Cyber Intel Brief: Nov 24 – 30, 2022
Cyber Intel Brief: Nov 17 – 23, 2022
Cyber Intel Brief: Nov 10 – 16, 2022
Cyber Intel Brief: Nov 3 – 9, 2022
Cyber Intel Brief: Oct 27 – Nov 3, 2022
Cyber Intel Brief: Oct 20 – 26, 2022
Cyber Intel Brief: Oct 13 – 19, 2022
Cyber Intel Brief: Oct 6 – 12, 2022
Cyber Intel Brief: Sept 29 – Oct 5, 2022
Cyber Intel Brief: Sept 22 – 28, 2022
Cyber Intel Brief: Sept 14 – 21, 2022
Cyber Intel Brief: Sept 8 – 14, 2022
Cyber Intel Brief: Sept 1 – 7, 2022
Cyber Intel Brief: Aug 25 – 31, 2022
Cyber Intel Brief: Aug 18 – 24, 2022
Cyber Intel Brief: Aug 11 – 18, 2022
Cyber Intel Brief: Aug 4 – 10, 2022
Cyber Intel Brief: July 28 – Aug 03, 2022
Cyber Intel Brief: July 21 – 27, 2022
Cyber Intel Brief: July 14 – 20, 2022
Cyber Intel Brief: June 30 – July 6, 2022
Cyber Intel Brief: June 23 – 29, 2022
Cyber Intel Brief: June 16 – 22, 2022
Cyber Intel Brief: June 9 – 15, 2022
Cyber Intel Brief: June 2 – 8, 2022
Cyber Intel Brief: May 26 – June 1, 2022
Cyber Intel Brief: May 19 – 25, 2022
Cyber Intel Brief: May 12 – 18, 2022
Cyber Intel Brief: May 05 – 11, 2022
Cyber Intel Brief: April 28- May 4, 2022
Cyber Intel Brief: April 21-27, 2022
Cyber Intel Brief: April 14-20, 2022
Cyber Intel Brief: April 7-13, 2022
Cyber Intel Brief: March-31-April 6, 2022
Cyber Intel Brief: March-24-30, 2022
Cyber Intel Brief: March-17-23, 2022

Let's Talk

Ready to Become Cyber Resilient?

Meet with our managed security experts to discuss your use cases, technology and pain points and learn how Deepwatch can help.