Skip to content

Derek Krein

Members Public

Cyber Threat Weekly – #54

The Thanksgiving week of November 25th through December 1st was light with only 263 cyber news articles reviewed.  Only a light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with a novel phishing campaign using corrupted Word docs. Malicious Android SpyLoan apps installed 8

Members Public

Cyber Threat Weekly – #53

The week of November 18th through November 24th, 342 cyber news articles were reviewed.  A moderate amount of cyber threat trend and adversarial behavior news to share.  Let’s start with threat actors love the ‘bring your own vulnerable driver’ attack. Threat actors use Wi-Fi to breach US organization from

Members Public

Cyber Threat Weekly – #52

The week of November 11th through November 17th, 332 cyber news articles were reviewed.  Quite a bit of cyber threat trend and adversarial behavior news to share.  Let’s start with increasing use of SVG attachments in email phishing. An undocumented Fortinet FortiClient bug used to steal VPN credentials.  Palo

Members Public

Cyber Threat Weekly – #51

The week of November 4th through November 10th, 330 cyber news articles were reviewed.  The feed list has been adjusted, so the number of articles should be mostly lower.  Let’s start with threat actors using Zip file concatenation technique. Cybercriminals abuse emergency data requests (EDRs) with compromised credentials.  AWS

Members Public

Cyber Threat Weekly – #50

The week of October 28th through November 3rd, another light week with 346 cyber news articles reviewed.  Still a decent amount of cyber threat trend and adversarial behavior news.  Let’s start with a newer ransomware group targeting FreeBSD servers. Publicly disclosed exploit code used to exploit Microsoft SharePoint flaw.

Members Public

Cyber Threat Weekly – #49

The week of October 21st through October 27th around 361 cyber news articles were reviewed.  Just a light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with ransomware affiliates abusing Sonic Wall VPNs. An update on the Windows downgrade attack.  Threat actors targeting exposed

Members Public

Cyber Threat Weekly – #48

The week of October 14th through October 20th was a bit light with 357 cyber news articles reviewed.  Only a light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with the Internet Archive was breached again. North Korean IT workers resort to extortion.  Deception

Members Public

Technically Validating your Security Program

Sharing The Smart IT Podcast. William Reed and I had a great discussion around the attackers view of your environments, technical assessments of your security program, attacker behavior, and more. The Smart IT Podcast covers a wide range of topics with various guests. I hope you enjoy the content.

Members Public

Cyber Threat Weekly – #47

The week of October 7th through October 13th was a bit light with 361 cyber news articles reviewed.  A decent amount of cyber threat trends and adversarial behavior news to share.  Let’s start with Iranian APT threat actors changing behavior. Open AI releases an update to their threat report.

Members Public

Cyber Threat Weekly – #46

The week of September 30th through October 6th was light with 369 cyber news articles reviewed.  A moderate amount of cyber threat trend and adversarial behavior news to share.  Let’s start with US broadband providers breached. The art and science of DNS tunneling detection.  Adobe Commerce and Magneto online