The PacketWatch Intelligence Team

5 min read

Python PoshC2: Analysis of an IP Indicator of Compromise (IOC)

PacketWatch recently analyzed an open directory based on a tweet from Germán Fernández showing an IP that was hosting malicious files and code.

4 min read

Cyber Threat Intelligence Briefing - December 4, 2023

Welcome back to another week of Cyber Threat Intelligence (CTI). This week's report highlights the recent Okta breach, Google Ads being used to promote...

3 min read

Cyber Threat Intelligence Briefing - November 20, 2023

Welcome back to another week of Cyber Threat Intelligence (CTI). This week's report highlights the Rhysida ransomware group and a vulnerability roundup.

2 min read

CVE-2023-47246: SysAid 0-Day Vulnerability

Late on November 8, 2023, SysAid announced they had evidence their product was being actively exploited via a 0-day vulnerability, now tracked as...

4 min read

Cyber Threat Intelligence Briefing - November 6, 2023

Welcome back to another week of Cyber Threat Intelligence (CTI). This week's report highlights Microsoft's latest Octo Tempest and ALPHV/BlackCat...

5 min read

Cyber Threat Intelligence Briefing - October 23, 2023

Welcome back to another week of Cyber Threat Intelligence (CTI). This week's report highlights two critical zero-days from Cisco and critical...

1 min read

New Critical Vulnerability in Citrix NetScaler Exposes 'Sensitive Information'

Today, Citrix released a security bulletin highlighting two vulnerabilities in the NetScaler ADC and NetScaler Gateway platforms.

Upcoming Vulnerability Disclosure for cURL

On October 3, Daniel Stenberg (@badger) announced a forthcoming patch for cURL (version 8.4.0) that will be released on October 11, which includes a fix...

5 min read

Cyber Threat Intelligence Briefing - October 9, 2023

Welcome back to another week of Cyber Threat Intelligence (CTI). This week's report highlights Cybersecurity Awareness Month and a Vulnerability Roundup.