Deepwatch Labs

Cyber Threat Intelligence

Curated cybersecurity threat intelligence to keep your organization and SOC ahead of the latest security threats and zero-day vulnerabilities.

Filter Labs by:

04.15.22

Customer Advisory | Threat Actors Exploiting Critical VMWare Vulnerability

Updated 5.19.22 Overview On May 18, CISA released a Cybersecurity Advisory (CSA) warning organizations that threat actors are exploiting vulnerabilities CVE-2022-22960 and CVE-2022-22954. In one case on April 12, according to reports that CISA had received from third parties, threat actors, logged in as a VMware user, executed an arbitrary shell command after exploiting CVE-2022-22954… Continue reading Customer Advisory | Threat Actors Exploiting Critical VMWare Vulnerability
Read More
Threat Report
05.16.22
Customer Advisory | Critical Vulnerability in Zyxel Firewalls and VPNs Actively Exploited
Read More
Cyber Intel Brief
05.12.22
Deepwatch-Labs-Logo
Cyber Intel Brief: May 05 – 11, 2022
Read More
Threat Report
05.10.22
Customer Advisory | Exploit Code Released for Critical RCE Vulnerability in F5s BIG-IP
Read More
Cyber Intel Brief
05.09.22
Deepwatch-Labs-Logo
Cyber Intel Brief: April 28- May 4, 2022
Read More
Cyber Intel Brief
05.02.22
Deepwatch-Labs-Logo
Cyber Intel Brief: April 21-27, 2022
Read More
Threat Report
04.25.22
Customer Advisory | Threat Actors Exploiting Critical WSO2 Vulnerability
Read More
Cyber Intel Brief
Deepwatch-Labs-Logo
Cyber Intel Brief: April 14-20, 2022
Read More
Cyber Intel Brief
04.18.22
Deepwatch-Labs-Logo
Cyber Intel Brief: April 7-13, 2022
Read More
Cyber Intel Brief
04.11.22
Deepwatch-Labs-Logo
Cyber Intel Brief: March-31-April 6, 2022
Read More
Cyber Intel Brief
04.04.22
Deepwatch-Labs-Logo
Cyber Intel Brief: March-24-30, 2022
Read More
Threat Report
03.31.22
Customer Advisory | Spring4Shell: What You Need to Know
Read More
Cyber Intel Brief
03.28.22
Deepwatch-Labs-Logo
Cyber Intel Brief: March-17-23, 2022
Read More
Threat Report
03.23.22
Customer Advisory | President Warns of Russian Government Exploring Options for Cyber Attacks
Read More
Threat Report
03.09.22
Customer Advisory | Linux Vulnerability: Dirty Pipe Has Exploit Code Released
Read More
Threat Report
03.02.22
Customer Advisory | NVIDIA Confirms Data Was Stolen as Lapsus$ Takes Credit
Read More
Threat Report
02.22.22
Customer Advisory | Cyber Attacks in Ukraine: What You Need to Know
Read More
Threat Report
02.17.22
Customer Advisory | Exploit Code Released for Critical Cisco Vulnerability: CVE-2022-20699
Read More
Threat Report
02.15.22
Customer Advisory | Critical 0-Day Vulnerability in Adobe Commerce and Magento Open Source Platforms Under Active Exploitation
Read More
Threat Report
02.02.22
Customer Advisory | Exploit Code Released for Windows 10 Vulnerability: CVE-2022-21882
Read More
Threat Report
01.27.22
Customer Advisory | PwnKit: Exploit Released for Polkit’s pkexec Component
Read More
Threat Report
01.20.22
Customer Advisory | Exploit Code Released for CVE-2022-21907: Critical Windows HTTP Vulnerability
Read More
Significant Cyber Event (SCE)
12.10.21
Significant Cyber Event | Log4j Zero-day With Proof-of-Concept Code and Active Scanning Gets Security Fix
Read More
Threat Report
12.08.21
Customer Advisory for Awareness | Grafana Issues a Security Patch After an Exploit for CVE-2021-43798 is Made Public
Read More
Threat Report
12.03.21
Customer Advisory for Awareness | With an Active Campaign Against ServiceDesk Plus, APT Expands Attack on ManageEngine
Read More
Threat Report
11.15.21
Customer Advisory for Awareness | Zero-Day Disclosed in Palo Alto Networks GlobalProtect VPN (CVE-2021-3064)
Read More
Threat Report
10.05.21
Customer Advisory for Awareness | Apache HTTP Server Actively Exploited, Patch is Available, Patch Now!
Read More
Threat Report
09.23.21
Customer Advisory for Awareness | CISA, FBI, and NSA Issue Joint Advisory Regarding Increased Conti Ransomware Attacks
Read More
Threat Report
09.08.21
Customer Advisory for Awareness | Microsoft Warns of New RCE Zero-Day Exploited in Targeted Office Attacks
Read More
Significant Cyber Event (SCE)
09.02.21
Significant Cyber Event | Exchange Exploitation and Labor Day Weekend
Read More
Threat Report
09.01.21
Customer Advisory for Awareness | Confluence Enterprise Server & Data Center are Being Actively Exploited
Read More
Threat Report
08.27.21
Customer Advisory for Awareness | Azure Cosmos DB Flaw Could Allow for Complete Database Compromise
Read More
Threat Report
08.16.21
Customer Awareness: Windows Print Spooler RCE Vulnerability CVE-2021-36958
Read More
Significant Cyber Event (SCE)
08.13.21
Customer Awareness: Microsoft Exchange Servers are being Actively Scanned for ProxyShell
Read More
Threat ReportVulnerability SPOT Report
07.26.21
PetitPotam NTLM Relay Attack
Read More
Significant Cyber Event (SCE)
07.21.21
CVE-2021-36934 – SeriousSAM Microsoft Windows 10 Vulnerability
Read More
Threat ReportVulnerability SPOT Report
CVE-2021-33909 & CVE-2021-33910 – Long Path Name in Mountpoint Flaws in the Kernel and Systemd
Read More
Threat Report
07.19.21
U.S. Federal Cybersecurity Advisory: TTPs of Chinese State-Sponsored Cyber Operations
Read More
Threat Report
07.02.21
Kaseya VSA Compromise – REvil Ransomware Attack
Read More
Vulnerability SPOT Report
07.01.21
CVE-2021-1675 – PrintNightmare Vulnerability
Read More
Vulnerability SPOT Report
06.22.21
CVE-2021-3044 Vulnerability: Cortex XSOAR
Read More
Threat Report
05.28.21
Significant Cyber Event (SCE) Intelligence Report – Nobelium
Read More
Threat ReportVulnerability SPOT Report
05.26.21
CVE-2021-21985 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation
Read More
Threat ReportVulnerability SPOT Report
04.22.21
CVE-2021-22893 – Pulse Secure VPN Zero-Day & Active Exploits
Read More
Threat Report
03.03.21
Microsoft Exchange Server Zero-Days
Read More
Threat Report
02.26.21
Chasing Silver Sparrow: Keeping an Eye on the Mysterious macOS Malware
Read More
Vulnerability SPOT Report
02.25.21
CVE-2021-21972 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation
Read More
Threat Report
02.22.21
Windows Event 4688 – Part I – Eh to Excellent
Read More
Threat Report
02.18.21
SolarWinds Attack – Part II – Is MITRE ATT&CK Falken’s Maze?
Read More
Vulnerability SPOT Report
01.27.21
Sudo Vulnerability
Read More
Threat Report
12.29.20
SolarWinds Attack – Part I – From Infrastructure to Endpoint
Read More
Threat Report
12.18.20
Summary of Deepwatch’s Actions in Response to Sunburst IOC
Read More
Vulnerability SPOT Report
11.04.20
Oracle WebLogic Vulnerability
Read More
Threat ReportVulnerability SPOT Report
10.19.20
ZeroLogon Threat Review
Read More
Vulnerability SPOT Report
10.14.20
Bad Neighbor Vulnerability
Read More
Vulnerability SPOT Report
09.14.20
Zerologon Vulnerability
Read More
Vulnerability SPOT Report
07.29.20
BootHole Vulnerability SPOT Report
Read More
Vulnerability SPOT Report
07.14.20
SAP RECON Vulnerability
Read More
Vulnerability SPOT Report
07.06.20
F5 Networks BIG-IP Vulnerabilities
Read More
Vulnerability SPOT Report
06.30.20
SPOT Report – Palo Alto Networks Authentication Bypass
Read More
Vulnerability SPOT Report
05.15.20
Palo Alto Networks & Cisco Kerberos Authentication Bypass
Read More
Threat Report
04.05.20
Meet the Threat: The Inside Workings of Magecart Breaches
Read More
Vulnerability SPOT Report
04.03.20
SPOT Report – Zoom Zero-Day
Read More
Vulnerability SPOT Report
03.05.20
SPOT Report – Apache Tomcat – GhostCat
Read More
Vulnerability SPOT Report
02.06.20
SPOT Report – Cisco – CDPwn Vulnerabilities
Read More
Vulnerability SPOT Report
01.15.20
SPOT Report – Microsoft Crypt32 Certificate Validation flaw
Read More
Vulnerability SPOT Report
12.24.19
SPOT Report – Citrix ADC & Gateway Vulnerability
Read More
Vulnerability SPOT Report
08.28.19
SPOT Report – Imperva Security Breach
Read More
Vulnerability SPOT Report
08.16.19
Seven Monkeys Vulnerability – SPOT Report – August 2019 Patch Tuesday
Read More
Vulnerability SPOT Report
06.20.19
SPOT Report – WebLogic Remote Code Execution
Read More
Vulnerability SPOT Report
SPOT Report – SACK Vulnerabilities
Read More
Vulnerability SPOT Report
05.15.19
SPOT Report – ZombieLoad
Read More
Vulnerability SPOT Report
SPOT Report – Patch Tuesday Vulnerabilities
Read More
Vulnerability SPOT Report
SPOT Report – Cisco – Thrangrycat
Read More
Threat Report
05.13.19
Profile of an Adversary – FIN7
Read More
Vulnerability SPOT Report
05.01.19
SPOT Report – Oracle WebLogic Remote Code Execution CVE-2019-2725
Read More
Vulnerability SPOT Report
04.25.19
1-day Vulnerabilities: The Limits of Following the Patch Tuesday Cycle
Read More
Vulnerability SPOT Report
03.07.19
Google Chrome FileReader Vulnerability
Read More
Vulnerability SPOT Report
02.11.19
Runc Docker Vulnerability
Read More
Threat Report
01.25.19
MS Exchange Privilege Escalation Attack
Read More
Threat Report
01.10.19
DNS Infrastructure Hijacking Campaign
Read More
Vulnerability SPOT Report
12.21.18
IE – Scripting Engine Memory Corruption Vulnerability CVE-2018-8653
Read More
Vulnerability SPOT Report
12.02.18
Zoom Desktop Conferencing CVE-2018-15715
Read More