Threat Watch

Read the latest cybersecurity news and insights from our industry experts

Daily articles & analysis by industry

Subscribe to Our Daily Newsletter

Outsmart your adversaries with daily views into the current threat landscape. The experts on our counterintelligence team analyze the latest cybersecurity news and offer insights that you can leverage to protect your business.

Latest Post

Justice Department Officials Urge Congress to Pass Ransomware Notification Law

The US Senate Judiciary Committee convened a hearing to discuss the growing threat of ransomware. US Justice department officials strongly supported legislation requiring companies to …

Daily summaries of threats, delivered straight to your inbox!
 

View All Posts

Mac Malware Stealing Data from Non-Sandboxed Apps

XCSSET, classified as an ongoing malware campaign by Trend Micro, is targeting MacOS users’ information by infecting Xcode projects. The most recent campaign has been spotted targeting Google Chrome and …

Read More

Microsoft Recommends Disabling NTLM to Prevent Domain Takeover From PetitPotam Attack

Security researcher Gilles Lionel recently shared technical details and a Proof-of-Concept (PoC) of an attack implementation that abuses a flaw in the Microsoft Encrypting File System Remote Protocol (MS-EFSRPC) to …

Read More

Guntrader.uk Breached in Drive-by Style Attack

UK firearms trading site Guntrader.uk had its SQL database stolen and in turn posted to RaidForums earlier this week. The database included details from around 111,000 users who were active …

Read More

Disclosed Vulnerability in Ubuntu Snapcraft Allows Remote Code Execution

Amy Burnett (itzn), working responsibility in conjunction with the Ubuntu Security Team, has released her report and Proof of Concept (POC) on CVE-2020-27348.  The bug in Ubuntu’s widespread and embedded …

Read More

Ransomware: Kaseya Says it Has Now Got the REvil Decryption Key- and it Works

On July 22, Kaseya announced they had received the decryption key for REvil ransomware 20 days after the group launched an attack on the systems of companies that used Kaseya’s …

Read More

Ransomware Group Breached CNA’s Network via Fake Browser Update

Leading US insurance company CNA Financial has provided a glimpse into how Phoenix CryptoLocker operators breached its network, stole data and deployed ransomware payloads in a ransomware attack that hit …

Read More

NIST Releases Security Minimums for Developers

Pursuant to the United States’ Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, the National Institute of Standards and Technology (NIST) has released its new document with recommendations for software …

Read More

Large Amount of Information Left Unsecured and Affects US Cities

A large cache of information left unprotected and affecting many US Municipalities has been discovered by the ethical hacking team at WizCase. The common denominator was software provided by PeopleGIS …

Read More