Browse Blackpoint’s Threat Intel
Mitigation Lessons from 598 Incident Responses: DarkGate Malware, LotL Techniques, and Rclone Attacks
Threat IntelTrojan Malware, Powershell Attacks, and Credential-Stealing
Threat IntelScheduled Tasks, AnyDesk, and VPN Compromise
Threat IntelRust-Based Ransomware is Advancing on MSPs
CybersecurityGreenshot, AnyDesk, TeamViewer, Classroom Spy Pro, ProcDump, and Mimikatz
CybersecurityAlert: Active Exploit of Critical SonicWall CVE via SSLVPN for Initial Access
CybersecurityAlert: New Critical Veeam CVEs Expose Backups to Ransomware Gangs
CybersecurityAzorult Stealer, AsyncRAT, and Trojan Malware
CybersecurityQilin Ransomware
CybersecurityRansomhub Ransomware
CybersecurityAsyncRAT, Lumma Stealer, and Ransomhub Ransomware
CybersecurityModern Cyber Threat Intelligence Conversation with SecurityGuyTV
CybersecurityRaspberry Robin, ScreenConnect, AteraAgent, RDP, whoami, & SharpShares
CybersecurityVanilla Tempest, Oyster Backdoor, NetSupport RAT, and Unknown Infostealers
CybersecuritySYS01 Stealer, Ratty Rat, and AsyncRAT
CybersecurityCrowdStrike BSOD Help, Advanced IP Scanner, TeamViewer, NetSupport RAT, and AsyncRAT
CybersecurityLuminousMoth, Tnega Malware, Advanced IP Scanner, RDP Abuse, and SolarMarker
Threat IntelBrute Ratel, Advanced IP Scanner, and NetSupport RAT
Threat IntelBeyond Phishing: Three More Ways Adversaries Complicate Initial Intrusion
Thought LeadershipAsyncRAT, NetSupport RAT, and VssAdmin Abuse for Shadow Copy Deletion
CompanyPotential BianLian Ransomware, TeamViewer, and BitLocker
CompanyNetscan.exe, Mimikatz, Angry IP Scanner, and RMM Tool Abuse
Threat IntelChromeLoader, Malicious “Innovation Systems” Task, and RDP Abuse
CompanyMITRE ATT&CK T1091: Replication Through Removable Media
Threat IntelChromeLoader, Telegram, RustDesk, and Tailscale
CompanyFIN7 Threat Group
Threat IntelNTLM Credential Theft and Gootloader
CompanyDevos Ransomware, RDP, and NetSupport RAT
CompanyVidar Stealer
CybersecurityAlphv (BlackCat) Ransomware
CybersecuritySangria Tempest, SocGholish, and BITS Download
Threat IntelSocGholish Loader Malware
CybersecurityRATs, Malicious PC Hunter, AnyDesk Abuse, and Malicious PowerShell Scripts
Threat IntelFortiClient EMS, Ivanti, and Palo Alto
Threat IntelWebBrowserPassView, Process Hollowing, and LotL Tool Abuse
Threat IntelDarkGate, SolarMarker, and Malicious PowerShell Commands
Threat IntelUnderstanding Penetration Testing: Beyond Vulnerability Scans
Tech CenterMimikatz, LaZagne, CredentialsFileView, Raspberry Robin, and Scheduled Tasks Abuse: The Blackpoint SOC’s Week in Review for April 4, 2024
Threat IntelFortiClientEMS Vulnerability, Akira Ransomware, and Gootloader: The Blackpoint SOC’s Week in Review for March 29, 2024
Threat IntelVulnerable RMM Tools and Vulnerable Industries: Why Vigilance is Key
Threat IntelAnnual Threat Report Webinar 2024
Threat IntelThis Week in Review: AnyDesk, TeamViewer, QuickBooks, and IsErIk Malware
Threat IntelThis Week in Review: Ligolo Tunneler, Neshta, Purple Fox, and More
Threat IntelBlackpoint Cyber Annual Threat Report 2024
Threat IntelThis Week in Review: ScreenConnect “Updates,” Vidar Malware, & Malicious ZIP Files
Threat IntelMedusa and Midnight Blizzard: How Strong Passwords & MFA Still Help
Threat IntelThis Week in Review: ScreenConnect, QuickBooks, Teamviewer, & More
Threat IntelDon’t arm the enemy. Safeguard your allies
Threat IntelBreaking Through the Screen
Threat IntelDon’t arm the enemy. Safeguard your allies.
Thought LeadershipConnectWise ScreenConnect Vulnerabilities
Threat IntelDemystifying the Dark Web
Threat Intel008: Shedding Light on the Dark Web
People & CultureBlackpoint SOC Protects Against Recent AnyDesk Compromise
Threat IntelThe Mother of All Breaches…or Is It?
Threat IntelThe 5 Most Dominant Threat Actors of 2023
Threat IntelBlackCat Ransomware Group Taken Down, but Ransomware Threats Persist
Threat IntelAPG Threat Digest: 22nd Edition
Threat IntelBlackpoint’s 2024 Cyberthreat Predictions
Threat IntelAPG Threat Digest: 21st Edition
Threat IntelAPG Threat Digest: 20th Edition
Threat IntelAPG Threat Digest: 19th Edition
Threat IntelAPG Threat Digest: 18th Edition
Threat IntelTop Data Breaches in the Last Year
People & CultureAPG Threat Digest: 17th Edition
Threat IntelStrengthening Google Workspace Security
Tech CenterAPG Threat Digest: 16th Edition
Threat IntelAPG Threat Digest: 15th Edition
Threat IntelTop Five Cloud Security Threats
Tech CenterAPG Threat Digest: 14th Edition
Threat IntelScan with Caution: The Light and Dark Sides of QR Codes
Threat IntelAPG Threat Digest: 13th Edition
Threat IntelFIN8 Strikes Again: Advanced Tactics in Recent Cyber Assault
Threat IntelAPG Threat Digest: 12th Edition
Threat IntelPatch It Up: WS_FTP Server’s Unplanned Fixes
Threat IntelShedding Light on Cyberthreats: APT34’s Menorah Malware
Threat IntelFrom Chrome to Everywhere: The Ever-Expanding CVE-2023-4863
Threat IntelUnmasking Ransomed.vc: The New Kid on the Cyber Block
Threat IntelFBI and CISA Team Up to Combat Snatch Ransomware
Threat IntelWhen Vulnerabilities Collide: Juniper’s Critical Collision
Threat IntelViva Las Vulnerabilities: MGM Hit by ALPHV Ransomware
Threat IntelAzure HDInsight Battles Against XSS Vulnerabilities
Threat IntelTop Threat Actor Tactics You Should Be Aware Of: Understanding Cyberthreats in the Digital Age
Thought LeadershipCisco ASA SSL VPN Appliances Under Fire
Threat IntelUnmasking the Acquired Key: Microsoft and Storm-0558’s Tale
Threat IntelBlackpoint Stops Microsoft Intune Abuse in Under One Minute
Threat IntelExcel-lent Phishing Campaign with Agent Tesla Variant
Threat IntelPut on Your Cyber Gloves: BLISTER Loader Resurfaced
Threat IntelOkta’s Social Engineering Escalations
Threat IntelMalDoc in PDF: The Word Doc and PDF Team Up
Threat IntelQakbot’s Quack Attack Comes to an End
Threat IntelProxy Party of Peril: Malware and Proxy Team Up
Threat IntelChina’s High-Stakes Cyber Shenanigans: Cert Theft & DLL Hijacking
Threat IntelMeet Rhysida: The ‘Helpful’ Cybersecurity Team with a Dark Side
Threat IntelMidnight Blizzard Mixes Up Microsoft 365
Threat IntelThe SSM Agent’s Secret Identity: Unmasking the RAT Within
Threat IntelPebbles Aren’t Alone: The Fruity Find Making Waves in Cybersecurity
Threat IntelAbusing the Microsoft “search”/”search-ms” URI Protocol
Threat IntelNitrogen’s Malvertising Mayhem: When Ads Go Rogue!
Threat IntelMikroTik Vulnerability Emerges from the Past
Threat IntelApple Combats Zero-Day Zero-Click Campaign
Threat IntelRedis on the Run: P2PInfect Worm Attacks
Threat IntelIdentity Crisis in the Cloud: Storm-0558 and the Forged Access Key
Threat IntelFIN8’s Latest Remix: Sardonic with Noberus
Threat IntelWormGPT: The New Bait in Phishing and BEC Attacks
Threat IntelExploding Back into the Picture: TeamTNT Makes a Comeback
Threat IntelSocGholish: Haunting the Digital Realm for Over Five Years
Threat IntelZero-Day Fireworks: Microsoft’s July Patch Party
Threat IntelA Glimpse at Ransomware Roundup: APG Explores the Latest Threat Actors and Variants
Threat IntelSign Here, Malware There: Forged Kernel-Mode Driver Signatures
Threat IntelAn Update on the MOVEit Vulnerability
Threat IntelBlackpoint Command Session 15: Building a Threat-Informed Security Stack that Sells
Thought LeadershipBlackpoint Cyber Detains Qakbot Information-Stealing Malware
Tech CenterA Deep Dive Into the 3CXDesktopApp Security Vulnerability
Threat Intel2023 Cyberthreats to Watch Out For
Threat IntelWith .one Foot in the Door
Threat IntelChileLocker’s Chilling Mistakes
Threat IntelIn the Chaos of Lorenz, APG sORted It Out
Threat IntelIT Tools, Infostealers, and Account Compromise – Blackpoint’s Threat Operations Year in Review
Thought LeadershipNation States’ Impact on Cyber Insurance
Thought LeadershipBut is MFA Enough? Unpacking Business Email Compromise
Tech CenterUnearthing Project Relic
Thought LeadershipBlackpoint Responds to Business Email Compromise
Tech CenterRatting Out Arechclient2
Threat IntelBlackpoint Overwatch: Executive Summary of Ratting Out Arechclient2
Threat IntelEmerging Threat Briefing
Threat IntelEpisode 16: Lessons Learned from Zero-Day Attacks with APG
Thought LeadershipCombatting Industry Myths with MDR Intel
Thought LeadershipEpisode 14: New Tactics and Techniques From the Bad Guys
Thought LeadershipTech Tuesday: Eye Spy – The Dangers of Legal Malware
Threat IntelIt’s Great, Until It’s Not: Four Security Time Bombs
Threat IntelBlackpoint ReCON 2022 On-Demand
CompanyEpisode 11: Password Spraying, Email Impersonation, and Disinformation with David Rushmer
Company5 Reasons You Won’t Want to Miss ReCON 2022
CompanyEpisode 07: Breaking Down HAFNIUM, Staying Curious, and Advice for Budding Security Professionals
Tech CenterMalware on Trial
Threat IntelTarrask-ing for Trouble
Threat IntelVulnerabilities Uncovered in SonicWall SMA Appliances
Threat IntelApache Log4j RCE Vulnerability
Threat IntelCritical Microsoft Print Spooler Service Vulnerability Exposed
Threat IntelZero-Day Exploit Found in Kaseya VSA
Threat IntelRansomware attack shuts down critical US pipeline
Threat IntelThreat Actors Exploit SonicWall Email Security Vulnerabilities
Threat IntelSignificant Increase in Cyber Attacks Targeting Accounting Firms
Threat IntelHAFNIUM Hackers Attack Microsoft Exchange Servers using Multiple Zero-day Vulnerabilities
Threat IntelFlorida Water Treatment Center Hacked
Threat IntelSonicWall Hacked Using Zero-day vulnerabilities in its VPN Products
Threat IntelFBI Warns of Increasing Ragnar Locker Ransomware Attacks
Threat IntelPassword Exposure for Fortinet Devices Vulnerable to CVE-2018-13379
Threat IntelCritical Vulnerability for SonicWall VPN (CVE-2020-5135)
Threat IntelCritical Windows “MS-NRPC” Exploit ZeroLogon (CVE-2020-1472)
Threat IntelPasswords leaked for Enterprise VPN (CVE-2019-11510)
Threat IntelCritical Microsoft DNS Server Vulnerability (CVE-2020-1350)
Threat IntelVMware vCenter Server Security Vulnerability (CVE-2020-3952)
Threat IntelCISA Warns of Nation-State Attacks – Are You Prepared?
Threat IntelWannaCry Déjà Vu
Threat IntelSpear Phishing Campaign Stopped by Blackpoint MDR
Threat IntelOlympic Destroyer Hack: How We Would’ve Stopped It
Threat IntelStay in the Know
They say that knowing is half the battle. Get regular updates on all the latest in cybersecurity including threat intel, new Blackpoint capabilities, upcoming events, and more.