Skip to content

Derek Krein

Members Public

Cyber Threat Weekly – #33

The week of July 1st through July 7th was back down to 379 cyber news articles reviewed.  A relatively light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with an unprecedented password dump, nearly 10 billion unique passwords. HTTP File Server (HFS) Remote Code

Members Public

Cyber Threat Weekly – #32

The week of June 24th through June 30th picked up with 439 cyber news articles reviewed.  Only a light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with Juniper releases fix for critical authentication bypass bug. Run pipelines as any user in GitLab, critical

Members Public

Cyber Threat Weekly – #31

The week of June 17th through June 23rd was lighter than usual with 342 cyber news articles reviewed.  Only a moderate amount of cyber threat trend and adversarial behavior news to share.  Let’s start with the CDK Global IT outage caused by BlackSuit ransomware. Outdated Android phones targeted by

Members Public

Cyber Threat Weekly – #30

The week of June 10th through June 16th was a bit heavier with 407 cyber news articles reviewed.  Quite a bit of cyber threat trend and adversarial behavior news to share.  Let’s start with a new Linux malware controlled through Discord emojis. Poisoning ML models via pickle files.  Black

Members Public

Cyber Threat Weekly – #29

The week of June 3rd through June 9th was about average with 379 cyber news articles reviewed.  Only a light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with researchers sharing a deep analysis of Vidar Stealer. Another Confluence flaw, this one is high

Members Public

Cyber Threat Weekly – #28

The week of May 27th through June 2nd was a bit light with only 381 cyber news articles reviewed.  Still a decent amount of cyber threat trend and adversarial behavior news to share.  Let’s start with new phishing tricks.  Threat actors advertising Pulse Connect Secure zero-day. The use of

Members Public

Cyber Threat Weekly – #27

The week of May 20th through May 26th was close to last week with 449 cyber news articles reviewed.  A somewhat light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with self-hosted versions of GitHub SAML SSO bug. Researchers observe threat actors abusing legit

Members Public

Cyber Threat Weekly – #26

The week of May 13th through May 19th was a bit heavy with 459 cyber news articles reviewed.  A relatively light amount of cyber threat trend and adversarial behavior news to share.  Let’s start with LockBit ransomware emails sent from botnet. Threat actors abusing DNS for tracking and discovery.

Members Public

Cyber Threat Weekly – #25

The week of April 6th through April 12th was near average with 428 cyber news articles reviewed. A moderate amount of cyber threat trend and adversarial behavior news to share.  Let’s start with Tinyproxy critical remote code execution bug.  Citrix fixes bug nearly identical to CitrixBleed, but not as

Members Public

Cyber Threat Weekly – #24

The week of April 29th through May 5th was light with only 369 cyber news articles reviewed.  But a large amount of cyber threat trend and adversarial behavior news to share.  Let’s start with threat actors took 29 days from IcedID infection to ransomware. World Password Day Survey 2024.