Threat Report

Customer Advisory for Awareness | Grafana Issues a Security Patch After an Exploit for CVE-2021-43798 is Made Public

December 09, 2021 Prepared by deepwatch Threat Intel Team Key Points: After security researchers released proof-of-concept...

Customer Advisory for Awareness | With an Active Campaign Against ServiceDesk Plus, APT Expands Attack on ManageEngine

December 03, 2021 Prepared by deepwatch Threat Intel Team Source: Palo Alto Unit 42 Key Points: Over three months, a persistent...

Customer Advisory for Awareness | Zero-Day Disclosed in Palo Alto Networks GlobalProtect VPN (CVE-2021-3064)

November 15, 2021 Prepared by deepwatch Threat Intel Team Key Points: Palo Alto Networks GlobalProtect VPN has a new zero-day...

Customer Advisory for Awareness | Apache HTTP Server Actively Exploited, Patch is Available, Patch Now!

10.05.21 deepwatch Labs Threat Report Update: Recently Apache reported that the fix for CVE-2021-41773 in Apache HTTP Server...

Customer Advisory for Awareness | CISA, FBI, and NSA Issue Joint Advisory Regarding Increased Conti Ransomware Attacks

Key Points: Significant Increase In Ransomware Activity, Specifically the Conti Variant; Highly Recommended to Review Best...

Customer Advisory for Awareness | Microsoft Warns of New RCE Zero-Day Exploited in Targeted Office Attacks

Key Points: Microsoft issued an alert on September 7 to notify organizations about a new zero-day being exploited in real-world...

Customer Advisory for Awareness | Confluence Enterprise Server & Data Center are Being Actively Exploited

Key Points: Active exploitation has been spotted for Confluence Enterprise Server and Data Center software versions which...

Customer Advisory for Awareness | Azure Cosmos DB Flaw Could Allow for Complete Database Compromise

Key Points: A cloud infrastructure security team discovered a significant flaw in Microsoft’s Azure Cosmos database. Fortune...

Customer Awareness: Windows Print Spooler RCE Vulnerability CVE-2021-36958

This is a follow-up to the deepwatch announcement “CVE-2021-1675 – PoC Released For Windows Print Spooler RCE Vulnerability”...

PetitPotam NTLM Relay Attack

Summary: A French security researcher, Gilles Lionel, discovered a new NTLM relay attack he has dubbed PetitPotam. Gilles published...