HP Threat Research Blog Now Available: Bromium Threat Insights Report – July 2019 Edition

July 10, 2019 | Category: Threat Insights Reports | By: Alex Holland


Welcome to the July edition of the Bromium Threat Insights Report. Highlights from this month include:

  • Coverage of the spate of ransomware attacks on US municipalities.
  • Bromium research into the Malware as a Service (MaaS) business model, which criminal actors are increasingly adopting, including the group behind Emotet.
  • Analysis of a C# bypass of Windows 10’s Antimalware Scan Interface (AMSI), demonstrating the effectiveness of compiling code after it has been delivered to a target system.
  • Analysis of creative language-checking techniques used by malware to target users with certain system language configurations.

Download: Bromium Threat Insights Report – July 2019

In the June Threat Insights Report, we focused on Emotet, including how it works and methods of detecting it, and on notable security news, such as the disclosure of CVE-2019-0708 (aka BlueKeep), a critical vulnerability in the Windows Remote Desktop Protocol kernel driver, termdd.sys. If you missed the June report, you can read it here.

We hope you find the July Threat Insights Report useful and actionable.

If you have any questions about it or would like to learn more about how to share threats with Bromium, contact us, and we will get in touch.

About the Author

Alex Holland

Malware Analyst
