×

Deepwatch Announces New Platform Enhancements to Maximize Cyber Resilience.

Read the News

New Threats, Growing Risk

Deepwatch Threat Intelligence

Discover new threats, complex techniques, and attack bulletins from the Deepwatch Adversary and Intelligence team.

Filter by:

Deepwatch-Labs-Logo
09.29.23

Cyber Intel Brief: September 21 – 27, 2023

Knight Ransomware Jousts, Sandman Creeps, APTs Work Together on Cyber Espionage, Cozy Bear Evolves, and New RaaS ShadowSyndicate Steps Out Threat actors deliver Knight ransomware in phishing emails, Sandman APT targets global telecoms in a cyber-espionage campaign, three APTs seem to have coordinated efforts in cyber espionage against a Southeast Asian government, Cozy bear is… Continue reading Cyber Intel Brief: September 21 – 27, 2023
Read More
Cyber Intel Brief
09.22.23
Cyber Intel Brief: September 14 – 20, 2023
Read More
Customer Awareness Advisory
09.15.23
Voice Phishing’s Success with Resetting Single Sign-on Portal Passwords Sees Sudden Surge
Read More
Cyber Intel Brief
09.15.23
Cyber Intel Brief: September 07 – 13, 2023
Read More
Cyber Intel Brief
09.08.23
Cyber Intel Brief: August 29 – September 06, 2023
Read More
Cyber Intel Brief
09.01.23
Cyber Intel Brief: August 24 – 30, 2023
Read More
Cyber Intel Brief
08.28.23
Cyber Intel Brief: August 16 – 23, 2023
Read More
Industry Insights
08.23.23
The Resurgence of Raccoon Stealer: A Closer Look at the Evolved Malware-as-a-Service
Read More
Industry Insights
08.22.23
Unveiling the NetScaler Exploitation Campaign
Read More
Cyber Intel Brief
08.18.23
Cyber Intel Brief: August 10 – 16, 2023
Read More
Industry Insights
08.15.23
Unveiling Ransomware Groups’ Hidden Patterns: Insights from Clustering Attacker Behavior
Read More
Industry Insights
08.14.23
Social Engineering, Smishing, and MFA-Fatigue Campaigns
Read More
Cyber Intel Brief
08.14.23
Cyber Intel Brief: August 02 – 09, 2023
Read More
Cyber Intel Brief
08.07.23
Cyber Intel Brief: July 26 – August 02, 2023
Read More
Cyber Intel Brief
07.27.23
Cyber Intel Brief: July 19 – 26, 2023
Read More
Cyber Intel Brief
07.21.23
Cyber Intel Brief: July 12 – 19, 2023
Read More
Customer Awareness Advisory
07.19.23
NetScaler ADC and Gateway CVE-2023-3519 Actively Exploited
Read More
Cyber Intel Brief
07.13.23
Cyber Intel Brief: July 06 – 12, 2023
Read More
Customer Awareness Advisory
07.13.23
Customer Advisory: Awareness | Storm-0978 (RomCom): Cyber-espionage Campaign Targeting NATO Talks, Exploiting CVE-2023-36884
Read More
Cyber Intel Brief
07.06.23
Cyber Intel Brief: June 29 – July 05, 2023
Read More
Cyber Intel Brief
06.29.23
Cyber Intel Brief: June 22 – 28, 2023
Read More
Cyber Intel Brief
06.22.23
Cyber Intel Brief: June 14 – 21, 2023
Read More
Cyber Intel Brief
06.15.23
Cyber Intel Brief: June 08 – 14, 2023
Read More
Customer Awareness Advisory
06.14.23
Customer Advisory: Awareness | Threat Actors Exploiting Critical Vulnerability (CVE-2023-27997) in FortiOS and FortiProxy
Read More
Cyber Intel Brief
06.08.23
Cyber Intel Brief: June 01 – 07, 2023
Read More
Significant Cyber Event (SCE)
06.02.23
Operation I like to MOVEit, MOVEit; Active Exploitation of MOVEit Transfer Leads to Data Theft
Read More
Significant Cyber Event (SCE)
06.01.23
Deepwatch Detects Webshell Activity After Suspected Exploitation of a Critical Vulnerability in Progress Software’s MOVEit Transfer Product
Read More
Cyber Intel Brief
06.01.23
Cyber Intel Brief: May 24 – 31, 2023
Read More
Cyber Intel Brief
05.25.23
Cyber Intel Brief: May 18 – 24, 2023
Read More
Cyber Intel Brief
05.18.23
Cyber Intel Brief: May 11 – 17, 2023
Read More
Cyber Intel Brief
05.11.23
Cyber Intel Brief: May 04 – 10, 2023
Read More
Cyber Intel Brief
05.04.23
Cyber Intel Brief: April 27 – May 03, 2023
Read More
Cyber Intel Brief
04.27.23
Cyber Intel Brief: April 19 – 26, 2023
Read More
Customer Awareness Advisory
04.26.23
Customer Advisory: Awareness | Deepwatch Observes Unauthenticated Remote Code Execution Vulnerability Exploitation in Avaya Aura Device Services
Read More
Cyber Intel Brief
04.20.23
Cyber Intel Brief: April 13 – 19, 2023
Read More
Cyber Intel Brief
04.13.23
Cyber Intel Brief: April 06 – 12, 2023
Read More
Cyber Intel Brief
04.06.23
Cyber Intel Brief: Mar 30 – April 05, 2023
Read More
Customer Awareness Advisory
03.30.23
Customer Advisory | 3CX Suffers Supply Chain Attack: Electron Windows App Drops an Unknown Infostealer
Read More
Cyber Intel Brief
03.30.23
Cyber Intel Brief: Mar 23 – 29, 2023
Read More
Cyber Intel Brief
03.23.23
Cyber Intel Brief: Mar 16 – 22, 2023
Read More
Significant Cyber Event (SCE)
03.22.23
Early Discovery by Deepwatch ATI Finds Adobe ColdFusion Threats
Read More
Customer Awareness Advisory
03.21.23
Customer Advisory | Threat Actors Exploited Microsoft Outlook for Windows (CVE-2023-23397) as Early as April 2022
Read More
Cyber Intel Brief
03.20.23
Cyber Intel Brief: Mar 09 – 15, 2023
Read More
Customer Awareness Advisory
03.09.23
PoC Exploit Released for Critical Windows Word Vulnerability CVE-2023-21716
Read More
Cyber Intel Brief
03.09.23
Cyber Intel Brief: Mar 02 – 08, 2023
Read More
Cyber Intel Brief
03.02.23
Cyber Intel Brief: Feb 23 – Mar 01, 2023
Read More
Cyber Intel Brief
02.23.23
Cyber Intel Brief: Feb 15 – 22, 2023
Read More
Cyber Intel Brief
02.16.23
Cyber Intel Brief: Feb 09 – 15, 2023
Read More
Cyber Intel Brief
02.10.23
Cyber Intel Brief: Feb 02 – 08, 2023
Read More
Cyber Intel Brief
02.03.23
Cyber Intel Brief: Jan 25 – Feb 01, 2023
Read More
Cyber Intel Brief
01.27.23
Cyber Intel Brief: Jan 19 – 25, 2023
Read More
Customer Awareness Advisory
01.20.23
Customer Advisory | Threat Actors Actively Exploiting ManageEngine Vulnerability CVE-2022-47966
Read More
Cyber Intel Brief
01.19.23
Cyber Intel Brief: Jan 12 – 18, 2023
Read More
Cyber Intel Brief
01.12.23
Cyber Intel Brief: Jan 5 – 11, 2023
Read More
Cyber Intel Brief
01.05.23
Cyber Intel Brief: Dec 29, 2022 – Jan 4, 2023
Read More
Cyber Intel Brief
12.29.22
Cyber Intel Brief: Dec 21 – 28, 2022
Read More
Cyber Intel Brief
12.23.22
Cyber Intel Brief: Dec 15 – 21, 2022
Read More
Cyber Intel Brief
12.15.22
Cyber Intel Brief: Dec 8 – 14, 2022
Read More
Customer Awareness Advisory
12.14.22
Customer Advisory: Citrix ADC and Citrix Gateway Critical Vulnerability (CVE-2022-27518) Actively Exploited
Read More
Customer Awareness Advisory
12.13.22
Customer Advisory: FortiOS SSL-VPN Vulnerability (CVE-2022-42475) Exploited in the Wild
Read More
Cyber Intel Brief
12.08.22
Cyber Intel Brief: Dec 1 – 7, 2022
Read More
Cyber Intel Brief
12.01.22
Cyber Intel Brief: Nov 24 – 30, 2022
Read More
Cyber Intel Brief
11.25.22
Cyber Intel Brief: Nov 17 – 23, 2022
Read More
Cyber Intel Brief
11.17.22
Cyber Intel Brief: Nov 10 – 16, 2022
Read More
Cyber Intel Brief
11.10.22
Cyber Intel Brief: Nov 3 – 9, 2022
Read More
Cyber Intel Brief
11.07.22
Cyber Intel Brief: Oct 27 – Nov 3, 2022
Read More
Cyber Intel Brief
10.27.22
Cyber Intel Brief: Oct 20 – 26, 2022
Read More
Customer Awareness Advisory
10.22.22
Customer Advisory: Adversaries Are Scanning For and Exploiting Text4Shell Vulnerability (CVE-2022-42889)
Read More
Cyber Intel Brief
10.20.22
Cyber Intel Brief: Oct 13 – 19, 2022
Read More
Cyber Intel Brief
10.13.22
Cyber Intel Brief: Oct 6 – 12, 2022
Read More
Cyber Intel Brief
10.07.22
Cyber Intel Brief: Sept 29 – Oct 5, 2022
Read More
Customer Awareness Advisory
09.30.22
Customer Advisory | Microsoft Exchange Zero-day Vulnerabilities CVE-2022-41040 and CVE-2022-41082, Actively Exploited
Read More
Cyber Intel Brief
09.29.22
Cyber Intel Brief: Sept 22 – 28, 2022
Read More
Cyber Intel Brief
09.23.22
Cyber Intel Brief: Sept 14 – 21, 2022
Read More
Threat Report
09.22.22
Gootloader Poisoned Blogs Uncovered by Deepwatch’s ATI Team
Read More
Cyber Intel Brief
09.15.22
Cyber Intel Brief: Sept 8 – 14, 2022
Read More
Threat Report
09.12.22
How Deepwatch’s Adversary Tactics and Intelligence Team Approaches Cyber Threat Intelligence
Read More
Cyber Intel Brief
09.09.22
Cyber Intel Brief: Sept 1 – 7, 2022
Read More
Cyber Intel Brief
09.01.22
Cyber Intel Brief: Aug 25 – 31, 2022
Read More
Cyber Intel Brief
08.26.22
Cyber Intel Brief: Aug 18 – 24, 2022
Read More
Cyber Intel Brief
08.19.22
Cyber Intel Brief: Aug 11 – 18, 2022
Read More
Customer Awareness Advisory
08.18.22
Customer Advisory | Exploit Code Released for Critical Vulnerability, CVE-2022-27255, Affecting Thousands of Routers
Read More
Cyber Intel Brief
08.12.22
Cyber Intel Brief: Aug 4 – 10, 2022
Read More
Customer Awareness Advisory
08.10.22
Customer Advisory | Microsoft’s Support Diagnostic Tool Vulnerability, AKA DogWalk, Actively Exploited
Read More
Cyber Intel Brief
08.05.22
Cyber Intel Brief: July 28 – Aug 03, 2022
Read More
Threat Report
08.02.22
Deepwatch ATI detects and responds to never before discovered backdoor deployed using Confluence vulnerability for suspected Espionage
Read More
Cyber Intel Brief
07.28.22
Cyber Intel Brief: July 21 – 27, 2022
Read More
Customer Awareness Advisory
07.26.22
Customer Advisory | Brace for Exploitation; Hardcoded Password for Questions for Confluence App Leaked
Read More
Cyber Intel Brief
07.22.22
Cyber Intel Brief: July 14 – 20, 2022
Read More
Cyber Intel Brief
07.08.22
Cyber Intel Brief: June 30 – July 6, 2022
Read More
Cyber Intel Brief
07.01.22
Cyber Intel Brief: June 23 – 29, 2022
Read More
Cyber Intel Brief
06.24.22
Cyber Intel Brief: June 16 – 22, 2022
Read More
Customer Awareness Advisory
06.22.22
Customer Advisory | Splunk Critical Vulnerability
Read More
Cyber Intel Brief
06.16.22
Cyber Intel Brief: June 9 – 15, 2022
Read More
Cyber Intel Brief
06.10.22
Cyber Intel Brief: June 2 – 8, 2022
Read More
Customer Awareness Advisory
06.03.22
Customer Advisory | Critical RCE Vulnerability in Atlassian’s Confluence Server and Data Center Actively Exploited
Read More
Cyber Intel Brief
06.03.22
Cyber Intel Brief: May 26 – June 1, 2022
Read More
Customer Awareness Advisory
05.31.22
Customer Advisory | Microsoft Office Used to Exploit “Follina” (CVE-2022-30190) an RCE Vulnerability in Microsoft’s Support Diagnostic Tool
Read More
Cyber Intel Brief
05.27.22
Cyber Intel Brief: May 19 – 25, 2022
Read More
Cyber Intel Brief
05.20.22
Cyber Intel Brief: May 12 – 18, 2022
Read More
Customer Awareness Advisory
05.16.22
Customer Advisory | Critical Vulnerability in Zyxel Firewalls and VPNs Actively Exploited
Read More
Cyber Intel Brief
05.12.22
Cyber Intel Brief: May 05 – 11, 2022
Read More
Customer Awareness Advisory
05.10.22
Customer Advisory | Exploit Code Released for Critical RCE Vulnerability in F5s BIG-IP
Read More
Cyber Intel Brief
05.09.22
Cyber Intel Brief: April 28- May 4, 2022
Read More
Cyber Intel Brief
05.02.22
Cyber Intel Brief: April 21-27, 2022
Read More
Customer Awareness Advisory
04.25.22
Customer Advisory | Threat Actors Exploiting Critical WSO2 Vulnerability
Read More
Cyber Intel Brief
04.25.22
Cyber Intel Brief: April 14-20, 2022
Read More
Cyber Intel Brief
04.18.22
Cyber Intel Brief: April 7-13, 2022
Read More
Customer Awareness Advisory
04.15.22
Customer Advisory | Threat Actors Exploiting Critical VMWare Vulnerability
Read More
Cyber Intel Brief
04.11.22
Cyber Intel Brief: March-31-April 6, 2022
Read More
Cyber Intel Brief
04.04.22
Cyber Intel Brief: March-24-30, 2022
Read More
Customer Awareness Advisory
03.31.22
Customer Advisory | Spring4Shell: What You Need to Know
Read More
Cyber Intel Brief
03.28.22
Cyber Intel Brief: March-17-23, 2022
Read More
Customer Awareness Advisory
03.23.22
Customer Advisory | President Warns of Russian Government Exploring Options for Cyber Attacks
Read More
Customer Awareness Advisory
03.09.22
Customer Advisory | Linux Vulnerability: Dirty Pipe Has Exploit Code Released
Read More
Customer Awareness Advisory
03.02.22
Customer Advisory | NVIDIA Confirms Data Was Stolen as Lapsus$ Takes Credit
Read More
Customer Awareness Advisory
02.22.22
Customer Advisory | Cyber Attacks in Ukraine: What You Need to Know
Read More
Customer Awareness Advisory
02.17.22
Customer Advisory | Exploit Code Released for Critical Cisco Vulnerability: CVE-2022-20699
Read More
Customer Awareness Advisory
02.15.22
Customer Advisory | Critical 0-Day Vulnerability in Adobe Commerce and Magento Open Source Platforms Under Active Exploitation
Read More
Customer Awareness Advisory
02.02.22
Customer Advisory | Exploit Code Released for Windows 10 Vulnerability: CVE-2022-21882
Read More
Customer Awareness Advisory
01.27.22
Customer Advisory | PwnKit: Exploit Released for Polkit’s pkexec Component
Read More
Customer Awareness Advisory
01.20.22
Customer Advisory | Exploit Code Released for CVE-2022-21907: Critical Windows HTTP Vulnerability
Read More
Significant Cyber Event (SCE)
12.10.21
Significant Cyber Event | Log4j Zero-day With Proof-of-Concept Code and Active Scanning Gets Security Fix
Read More
Customer Awareness Advisory
12.08.21
Customer Advisory for Awareness | Grafana Issues a Security Patch After an Exploit for CVE-2021-43798 is Made Public
Read More
Customer Awareness Advisory
12.03.21
Customer Advisory for Awareness | With an Active Campaign Against ServiceDesk Plus, APT Expands Attack on ManageEngine
Read More
Customer Awareness Advisory
11.15.21
Customer Advisory for Awareness | Zero-Day Disclosed in Palo Alto Networks GlobalProtect VPN (CVE-2021-3064)
Read More
Customer Awareness Advisory
10.05.21
Customer Advisory for Awareness | Apache HTTP Server Actively Exploited, Patch is Available, Patch Now!
Read More
Customer Awareness Advisory
09.23.21
Customer Advisory for Awareness | CISA, FBI, and NSA Issue Joint Advisory Regarding Increased Conti Ransomware Attacks
Read More
Customer Awareness Advisory
09.08.21
Customer Advisory for Awareness | Microsoft Warns of New RCE Zero-Day Exploited in Targeted Office Attacks
Read More
Significant Cyber Event (SCE)
09.02.21
Significant Cyber Event | Exchange Exploitation and Labor Day Weekend
Read More
Customer Awareness Advisory
09.01.21
Customer Advisory for Awareness | Confluence Enterprise Server & Data Center are Being Actively Exploited
Read More
Customer Awareness Advisory
08.27.21
Customer Advisory for Awareness | Azure Cosmos DB Flaw Could Allow for Complete Database Compromise
Read More
Customer Awareness Advisory
08.16.21
Customer Awareness: Windows Print Spooler RCE Vulnerability CVE-2021-36958
Read More
Significant Cyber Event (SCE)
08.13.21
Significant Cyber Event | Microsoft Exchange Servers are being Actively Scanned for ProxyShell
Read More
Customer Awareness Advisory
07.26.21
PetitPotam NTLM Relay Attack
Read More
Significant Cyber Event (SCE)
07.21.21
Significant Cyber Event | CVE-2021-36934 – SeriousSAM Microsoft Windows 10 Vulnerability
Read More
Customer Awareness Advisory
07.21.21
CVE-2021-33909 & CVE-2021-33910 – Long Path Name in Mountpoint Flaws in the Kernel and Systemd
Read More
Customer Awareness Advisory
07.19.21
U.S. Federal Cybersecurity Advisory: TTPs of Chinese State-Sponsored Cyber Operations
Read More
Customer Awareness Advisory
07.02.21
Kaseya VSA Compromise – REvil Ransomware Attack
Read More
Customer Awareness Advisory
07.01.21
CVE-2021-1675 – PrintNightmare Vulnerability
Read More
Customer Awareness Advisory
06.22.21
CVE-2021-3044 Vulnerability: Cortex XSOAR
Read More
Significant Cyber Event (SCE)
05.28.21
Significant Cyber Event | Intelligence Report – Nobelium
Read More
Customer Awareness Advisory
05.26.21
CVE-2021-21985 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation
Read More
Customer Awareness Advisory
04.22.21
CVE-2021-22893 – Pulse Secure VPN Zero-Day & Active Exploits
Read More
Customer Awareness Advisory
03.03.21
Microsoft Exchange Server Zero-Days
Read More
Customer Awareness Advisory
02.26.21
Chasing Silver Sparrow: Keeping an Eye on the Mysterious macOS Malware
Read More
Customer Awareness Advisory
02.25.21
CVE-2021-21972 – Vulnerability Found in VMware vCenter Servers and Cloud Foundation
Read More
Customer Awareness Advisory
02.22.21
Windows Event 4688 – Part I – Eh to Excellent
Read More
Customer Awareness Advisory
02.18.21
SolarWinds Attack – Part II – Is MITRE ATT&CK Falken’s Maze?
Read More
Customer Awareness Advisory
01.27.21
Sudo Vulnerability
Read More
Customer Awareness Advisory
12.29.20
SolarWinds Attack – Part I – From Infrastructure to Endpoint
Read More
Customer Awareness Advisory
12.18.20
Summary of Deepwatch’s Actions in Response to Sunburst IOC
Read More
Customer Awareness Advisory
11.04.20
Oracle WebLogic Vulnerability
Read More
Customer Awareness Advisory
10.19.20
ZeroLogon Threat Review
Read More
Customer Awareness Advisory
10.14.20
Bad Neighbor Vulnerability
Read More
Customer Awareness Advisory
09.14.20
Zerologon Vulnerability
Read More
Customer Awareness Advisory
07.29.20
BootHole Vulnerability SPOT Report
Read More
Customer Awareness Advisory
07.14.20
SAP RECON Vulnerability
Read More
Customer Awareness Advisory
07.06.20
F5 Networks BIG-IP Vulnerabilities
Read More
Customer Awareness Advisory
06.30.20
SPOT Report – Palo Alto Networks Authentication Bypass
Read More
Customer Awareness Advisory
05.15.20
Palo Alto Networks & Cisco Kerberos Authentication Bypass
Read More
Threat Report
04.05.20
Meet the Threat: The Inside Workings of Magecart Breaches
Read More
Customer Awareness Advisory
04.03.20
SPOT Report – Zoom Zero-Day
Read More
Customer Awareness Advisory
03.05.20
SPOT Report – Apache Tomcat – GhostCat
Read More
Customer Awareness Advisory
02.06.20
SPOT Report – Cisco – CDPwn Vulnerabilities
Read More
Customer Awareness Advisory
01.15.20
SPOT Report – Microsoft Crypt32 Certificate Validation flaw
Read More
Customer Awareness Advisory
12.24.19
SPOT Report – Citrix ADC & Gateway Vulnerability
Read More
Customer Awareness Advisory
08.28.19
SPOT Report – Imperva Security Breach
Read More
Customer Awareness Advisory
08.16.19
Seven Monkeys Vulnerability – SPOT Report – August 2019 Patch Tuesday
Read More
Customer Awareness Advisory
06.20.19
SPOT Report – WebLogic Remote Code Execution
Read More
Customer Awareness Advisory
06.20.19
SPOT Report – SACK Vulnerabilities
Read More
Customer Awareness Advisory
05.15.19
SPOT Report – ZombieLoad
Read More
Customer Awareness Advisory
05.15.19
SPOT Report – Patch Tuesday Vulnerabilities
Read More
Customer Awareness Advisory
05.15.19
SPOT Report – Cisco – Thrangrycat
Read More
Threat Report
05.13.19
Profile of an Adversary – FIN7
Read More
Customer Awareness Advisory
05.01.19
SPOT Report – Oracle WebLogic Remote Code Execution CVE-2019-2725
Read More
Customer Awareness Advisory
04.25.19
1-day Vulnerabilities: The Limits of Following the Patch Tuesday Cycle
Read More
Customer Awareness Advisory
03.07.19
Google Chrome FileReader Vulnerability
Read More
Customer Awareness Advisory
02.11.19
Runc Docker Vulnerability
Read More
Customer Awareness Advisory
01.25.19
MS Exchange Privilege Escalation Attack
Read More
Customer Awareness Advisory
01.10.19
DNS Infrastructure Hijacking Campaign
Read More
Customer Awareness Advisory
12.21.18
IE – Scripting Engine Memory Corruption Vulnerability CVE-2018-8653
Read More
Customer Awareness Advisory
12.02.18
Zoom Desktop Conferencing CVE-2018-15715
Read More

Let's Talk

Ready to Become Cyber Resilient?

Meet with our managed security experts to discuss your use cases, technology and pain points and learn how Deepwatch can help.