Skip to main content

Threat Intel & Vulnerabilities

What’s the latest news on threat intelligence from the Corvus Risk Advisory team? Check out our cyber resources to learn more about emerging threat intel trends.

Featured resources

Learn about the latest strategies and best practices to help protect your business from cyber threats.

Threat Intel & Vulnerabilities

Understanding Business Email Compromise and How It Drives Claims

Business Email Compromise drives billions in losses each year. Learn how BEC works, its impact on claims, and key defenses like out-of-band authentication.

8 minutes

Threat Intel & Vulnerabilities

ClickFix and FileFix: How Hackers Get Victims to Infect Their Own Computers

ClickFix and FileFix attacks trick users into self-infecting devices. Learn how they work, why they spread, and how to help defend against them.

4 minutes

Explore all Threat Intel & Vulnerabilities

Threat Intel & Vulnerabilities

Understanding Business Email Compromise and How It Drives Claims

Business Email Compromise drives billions in losses each year. Learn how BEC works, its impact on claims, and key defenses like out-of-band authentication.

8 minutes

Threat Intel & Vulnerabilities

ClickFix and FileFix: How Hackers Get Victims to Infect Their Own Computers

ClickFix and FileFix attacks trick users into self-infecting devices. Learn how they work, why they spread, and how to help defend against them.

4 minutes

Threat Intel & Vulnerabilities

Q2 '25 Travelers Cyber Threat Report: How BEC Drives Cyber Claims

Ransomware declines in Q2 2025, but BEC and social engineering fraud remain significant challenges for businesses. Learn more in our latest report.

16 minutes

Threat Intel & Vulnerabilities

Cyber Alerting 101

When it comes to cyber risk, speed matters. Travelers' provides real-time email notifications to alert policyholders of critical cybersecurity risks.

5 minutes

Threat Intel & Vulnerabilities

Social Engineering Outgrows the Inbox

Social engineering attacks remain one of the most common ways threat actors gain initial access to an organization’s systems. Learn more in this article.

5 minutes

Threat Intel & Vulnerabilities

Fortinet Vulnerability | January 2025

Fortinet customers could be at risk due to a critical security flaw. Here’s what you need to know.

2 minutes

Threat Intel & Vulnerabilities

Cleo File Transfer Alert | December 2024

Cleo customers could be at risk due to a critical security flaw. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

Global IT Meltdown: CrowdStrike Software Update Causes Broad Outages

On July 19, 2024, the world woke up to a massive IT outage caused by cybersecurity firm CrowdStrike that affected numerous industries across the globe.

3 minutes

Threat Intel & Vulnerabilities

CDK Global Incident | June 2024

A popular auto dealer software is experiencing a cyber incident. Here's what you need to know.

3 minutes

Threat Intel & Vulnerabilities

Palo Alto GlobalProtect Vulnerability | April 2024

There’s a critical vulnerability in Palo Alto GlobalProtect. Here’s what you need to know.

2 minutes

Threat Intel & Vulnerabilities

ScreenConnect Vulnerability | February 2024

There’s a critical vulnerability in ScreenConnect. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

Fortinet Fortigate Vulnerability Alert | February 2024

There’s a critical vulnerability in Fortinet Fortigate Products. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

Ivanti Connect Secure Vulnerability Alert | January 2024

There are critical vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure under active exploitation. Here's what you need to know.

2 minutes

Threat Intel & Vulnerabilities

Jenkins Vulnerability Alert | January 2024

Jenkins customers could be at risk due to a critical security flaw. Here's what you need to know.

1 minute

Threat Intel & Vulnerabilities

GoAnywhere Vulnerability Alert | January 2024

GoAnywhere customers could be at risk due to a critical security flaw. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

Confluence Data Center Vulnerability Alert | January 2024

Confluence customers could be at risk due to a critical security flaw. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

GitLab Vulnerability Alert | January 2024

GitLab customers could be at risk due to multiple security flaws. Here’s what you need to know.

1 minute

Threat Intel & Vulnerabilities

Q4 2023 Cyber Vulnerability Report and Impact

Information and recommendations on the NetScaler Vulnerability, Confluence Vulnerability, and F5 BIG-IP Vulnerability alerts from Q4 2023.

7 minutes

Threat Intel & Vulnerabilities

3 Ways Threat Actors Will Kick Off the New Year

Indicators of emerging threats drawn from a blend of claims data and external threat intelligence to help guide you heading into 2024.

8 minutes

Threat Intel & Vulnerabilities

A Guide to MFA Bypass Attacks

Threat actors are circumventing Multi-factor Authentication (MFA) through a method known as MFA Bypass. Find out how to prevent attacks in this cyber blog.

4 minutes

Threat Intel & Vulnerabilities

Q3 2023 Cyber Vulnerability Report and Impact

Information and recommendations on the Cisco ASA SSL-VPN, Adobe ColdFusion, Confluence Vulnerability, and Citrix Vulnerability alerts from Q3 2023.

4 minutes

Threat Intel & Vulnerabilities

Q2 2023 Cyber Vulnerability Report and Impact

Information and recommendations on the Fortinet Fortigate and MOVEit Vulnerability alerts from Q2 2023.

3 minutes

Threat Intel & Vulnerabilities

March 2023 Sees 60% Increase in Ransomware Attacks

Corvus observed 452 new ransomware victims on leak sites in March 2023. Ransomware is up 60% from this time last year, and 141% from two years ago.

2 minutes

Threat Intel & Vulnerabilities

Q1 2023 Cyber Vulnerability Report and Impact

Fortinet, Adobe ColdFusion, 3CX Desktop, Bank Wire Fraud, ESXi, Jira, FortiWeb, Control Web Panel, Zoho ManageEngine, and Git vulnerabilities from Q1 2023.

13 minutes

Threat Intel & Vulnerabilities

What Is RDP and Why Is It a Security Concern?

Learn more about Remote Desktop Protocol (RDP), its risks, and how to help your client properly secure their infrastructure in this cybersecurity blog.

2 minutes

Threat Intel & Vulnerabilities

A Guide to Common Vulnerabilities and Exposures (CVEs)

What are Common Vulnerabilities and Exposures (CVEs), and what should you know about them? Learn more about CVEs in this short cybersecurity blog.

2 minutes

Threat Intel & Vulnerabilities

Data Science Insight: How VPN Vulnerabilities Affect Ransomware Risk

By using data from various companies, Corvus determined the likelihood of a security incident based on whether they used a high-risk or low-risk VPN.

4 minutes

Threat Intel & Vulnerabilities

Keeping up with Cybercriminals: The Future of Online Threats

As increased security measures make their job harder, cybercriminals are forced to get creative. What are the latest innovative threats we’ve seen?

6 minutes

Threat Intel & Vulnerabilities

A Tale of How Business Email Compromise Attacks Work

Through the (frightening) tale of Craig in finance and his company, we’ll discover what to expect from a business email compromise attack.

6 minutes

Threat Intel & Vulnerabilities

Your Survival Guide to the DDoS Resurgence

DDoS is back in the news. What is it about these attacks that make them a popular choice among threat actors, and how do we fight it?

6 minutes

Threat Intel & Vulnerabilities

Case Study: Unpatched Microsoft Exchange Server Vulnerabilities

Find out how Corvus addressed the risk of an unpatched Microsoft Exchange Server vulnerability and ended up with a safer policyholder in this case study.

5 minutes

Threat Intel & Vulnerabilities

Graph Your Dependencies: Facebook Outage Proves ‘Simple’ Doesn’t Work

A faulty configuration change impacted 3.5 billion people. What can we learn about the systemic risks that occur due to reliance on third party providers?

5 minutes

Threat Intel & Vulnerabilities

Prioritize Patching with Risk-Based Vulnerability Management

What is a Risk-Based Vulnerability Management Approach, and how can it help your organization? Our CISO Jason Rebholz covers the topic in this blog.

6 minutes

Threat Intel & Vulnerabilities

Mitigating Vendor Risk: Three Steps to Protect Your Organization

Mitigating risk is an increasingly relevant concern for all industries — in this blog, we’ll cover three ways to keep your organization prepared.

5 minutes

Threat Intel & Vulnerabilities

Microsoft Exchange: Where We Are Now

Exchange Server Catch-up: What’s happened, where we are now, and why your clients must be vigilant. Learn more in this short blog.

4 minutes

Threat Intel & Vulnerabilities

A Guide to Vulnerability Management

What are the best practices for the identification, evaluation, and remediation of technology-related vulnerabilities? Find out in this short cyber blog.

2 minutes

Threat Intel & Vulnerabilities

What is an SMB vulnerability?

Learn more about Server Message Block (SMB), its risks, and how to help your client properly secure their infrastructure in this short cybersecurity blog.

1 minute

Threat Intel & Vulnerabilities

What is a Telnet vulnerability?

Learn about Telnet Vulnerability, its risks, and how to help your client properly secure their infrastructure in this short cybersecurity blog.

1 minute

Threat Intel & Vulnerabilities

What Is a BlueKeep Vulnerability?

Learn more about BlueKeep, its risks, and how to help your client properly secure their infrastructure in this cybersecurity blog.

1 minute

Expert insights tailored to your business

Every policy includes unlimited consultations with our Cyber Risk team, for insights on incident response strategies, security investments, and more.

Cyber risk services
Back to resource center