May | The Watch: Old Threats Bring New Insights

Welcome to the May Edition of The Watch, featuring cyber intel from Deepwatch Labs, information security news, industry insights, and upcoming Deepwatch events. Hit the subscribe button to stay in the know!

?? IN THIS ISSUE:

1. 2023 Annual Threat Intelligence Report 
2. Deepwatch Insights: Deepwatch ATI Cybersecurity Threat Outlook
3. Curated Cyber Threat Intelligence
4. Deepwatch Events: See Where We’ve Been
5. 2023 Gartner? Market Guide for MDR
6. Deepwatch Careers: Join Us!
7. InfoSec Updates 
8. Employee Spotlight
9. Upcoming Events!
10. ICYMI

2023 Annual Threat Intelligence Report

Deepwatch’s 2023 ATI Threat Report looks back at the leading cybersecurity threats CISOs and SOC analysts faced in 2022 while also providing insights and predictions on how the security landscape will continue to evolve throughout 2023 and beyond.

Check out the full report.

?? Insights Blog: Past, Present, Future-Deepwatch ATI Cybersecurity Threat Outlook

Written by: Michael Mayes, Content Writer

The latest post on the Deepwatch Insights Blog dives deep into the biggest and most impactful cybersecurity events from 2022, covering the top five threat detections, threat response engagements, MITRE ATT&CK techniques, and more. The blog post also covers the relevant new threat types, including infostealers and source code exploitation, that security analysts should be watching out for in 2023.

Read The Full Blog.

?? Deepwatch Cyber Threat Intelligence

Deepwatch provides curated cybersecurity threat intelligence to keep your organization and SOC ahead of the latest security threats and zero-day vulnerabilities. Below are a few top cyber threats & insights from the past month.

?? Gopuram Deployed within 3CX Attack

What You Need to Know

On 3 April 2023, Kaspersky reported that the 3CX supply chain attack dropped the Gopuram backdoor. Kaspersky discovered that the threat actor specifically targeted cryptocurrency companies, in addition to dropping the infostealer, they also dropped two files on infected machines, which loads Gopuram’s main module. Kaspersky has attributed the 3CX campaign to the Lazarus threat actor with medium to high confidence.

?? Another InfoStealer Discovered

What You Need to Know

On 29 March 2023, Cyble reported that they discovered a new InfoStealer titled Creal, whose source code and builder are publicly accessible. The stealer has been observed delivered via phishing websites and collects login credentials and cookies from various browsers, with data exfiltration occurring via Discord or through various file hosting and sharing services.

?? New CrossLock Ransomware Discovered

What You Need to Know

On 18 April 2023, Cyble reported that they discovered a new ransomware called CrossLock, which uses data-cleaning tactics to hamper recovery efforts. Once loaded, CrossLock performs multiple cleaning tactics on the target’s machine to avoid recovery. There is no information regarding the total number of victims, the industries they operate in, or if the cybercriminals are operating now.

?? Analysis of “Read the Manual” RaaS

What You Need to Know

On 13 April 2023, Trellix reported that they discovered the e-crime group “Read the Manual” is now offering Ransomware-as-a-Service, and forces affiliates to follow a strict ruleset. Their locker uses multi-threading to encrypt logical volumes attached to a machine and can only properly work with administrative privileges. There is no information regarding the total number of victims, the industries they operate in, or if the cybercriminals are operating now.

Subscribe to Deepwatch Labs to stay up-to-date on the latest cyber threat intelligence, advisories, and recommendations.

?? Deepwatch April Events 

RSA Conference

This year at the RSA Conference, Deepwatch hosted several events where participants could learn more about our Advanced Managed Detection and Response, including two coffee shop pop-ups at the St. Regis Hotel, and 1x1 time with our experts in our Executive Briefing Suite.

Indy CISO Watch Building Event

Deepwatch & GuidePoint Security recently hosted a group of InfoSec Professionals for an evening of dinner, drinks & watch building.

Attendees learned about how the right security partner can help them 'Get Time Back on Their Side'.

Corewell Health Foundation Gala 2023

Deepwatch & GuidePoint Security sponsored the 2023 Corewell Health Foundation Gala in support of our customer, Spectrum Health. The annual charity event helps raise funds to equip the care coordination team to reach more people, both in their hospitals and throughout their communities.

?? 2023 Gartner? Market Guide for MDR

The rate at which new cyber threats are developed and deployed can leave security experts and analysts feeling overwhelmed, especially as they struggle to maintain complex and expensive in-house SecOps programs. 

The 2023 Gartner? Market Guide for Managed Detection and Response (MDR) explains how MDR can help address key cybersecurity pain points even when budgets are limited and the total headcount is restricted.

Check it out here.

?? Find Your Career With Deepwatch!

As a fully-remote Deepwatch team member, you have the opportunity to grow personally and professionally while enjoying what you do. 

Explore current opportunities and find out how it feels to be part of the team.

?? Trending Infosec Updates

?? Employee Spotlight

Maya is a SecOps Engineer who has utilized the Deepwatch Professional Development stipend benefit to continue growing professionally.

"Professional Development empowers employees by giving them more confidence in their skillset and also presents opportunity to expand on new ones. I feel that Deepwatch is fully invested in me, and by providing these funds I am able to provide value back into the company." - Maya Jones

?? ICYMI...

Click below to take a listen to this sagely security snippet from Deepwatch AVP, Bill Bernard, and view our latest on-demand webinar for more on building a thriving security program. 

?? UPCOMING EVENTS...

ISSA Pittsburgh InfoSec Summit

The 2023 Information Security Forum is an annual event for technology professionals in the Pittsburgh area to network and hear from a diverse group of industry experts on key security products and services.

View more information here!

About Deepwatch

Deepwatch is the leader in managed detection and response, protecting organizations from growing cyber threats 24/7/365. Powered by the Deepwatch SecOps Platform, we provide the industry’s fastest, most comprehensive detection and automated response to cyber threats along with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Visit www.deepwatch.com to learn more.

Follow Deepwatch on LinkedIn and Twitter.