
Expel Quarterly Threat Report: Cybersecurity data, trends, and recs from Q1 2022
Top takeaways from our first quarterly report, filled with patterns and trends we identified from Q1 2022. Our goal? Help translate the events we detect into a security strategy for your organization.

Top Attack Vectors: February 2022
This report dives into the top attack vectors and trends among the incidents our SOC investigated in February 2022. Learn our key recommendations to protect your org from these types of attacks.

Top Attack Vectors: January 2022
This report dives into the top attack vectors and trends among the incidents our SOC investigated in January 2022. Learn our key recommendations to protect your org from these types of attacks.

Attack trend alert: AWS-themed credential phishing technique
They’re at it again. This time attackers are phishing for credentials by sending fake AWS log-in pages to unsuspecting users. Find out how our crew identified and triaged a phishing email.

Great eXpeltations 2022: Cybersecurity trends and predictions
Introducing Great eXpeltations 2022: Cybersecurity trends and predictions — an annual report from our security operations center (SOC) on top threats, how to handle them, and what to expect this year.

Top Attack Vectors: December 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in December 2021. Learn our key recommendations to protect your org from these types of attacks.

Top Attack Vectors: November 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in November 2021. Learn our key recommendations to protect your org from these types of attacks.

The Grinchy email scams to watch out for this holiday season
As the holidays approach, cyber Grinches are targeting phishing campaigns to steal data, credentials and more. Look out for these email scams while online shopping and checking your inbox this season.

Top Attack Vectors: October 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in October 2021. Learn our key recommendations to protect your org from these types of attacks.

Top Attack Vectors: September 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in September 2021. Learn our key recommendations to protect your org from these types of attacks.

Top Attack Vectors: August 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in August 2021. Learn our key recommendations to protect your org from these types of attacks.

The top phishing keywords in the last 10k+ malicious emails we investigated
Curious how attackers are prompting victims to engage with phishing campaigns? Check out the top keywords from the malicious emails our SOC investigated and our top resilience recommendations.

Top Attack Vectors: July 2021
This report dives into the top attack vectors and trends among the incidents our SOC investigated in July 2021. Learn our key recommendations to protect your org from these types of attacks.

Well that escalated quickly: How a red team went from domain user to kernel memory
A red team recently swooped in and showed off some new tactics. What started as a PowerShell download cradle quickly turned into a custom rootkit download. Find out how we spotted the crafty red team.

Incident report: Spotting SocGholish WordPress injection
Our SOC stopped a ransomware attack that compromised WordPress CMS to trigger a drive-by RAT download. Find out what happened, how we caught it, and our recommendations to secure your WordPress CMS.

Swimming past 2FA, part 1: How to spot an Okta MITM phishing attack
Crafty attackers are finding new ways to bypass multiple-factor authentication. Find out how our SOC detected an attack and get some tips on how your org can prevent credentials phishing.

Kaseya supply chain attack: What you need to know
A new ransomware attack upheaved the beginning of Fourth of July weekend. Fortunately, there are steps you can take right now to stay safe. Find out what’s happening and how Expel is looking ahead.

Someone in your industry got hit with ransomware. What now?
We’re noticing a trend in ransomware attacks. But that doesn’t mean it’s time to go into panic mode. Find out what you need to know and get some tips on how you can keep your org safe.

Cloud attack trends: What you need to know and how to stay resilient
We shared the top attack trend spotted during the pandemic and what to keep an eye out for looking ahead. But how do you remediate and stay resilient against these attacks? Our crew shares some tips.

The top cybersecurity attack trend we saw emerge during the COVID-19 pandemic
Check out our newest infographic to learn about the top attack trend during the COVID-19 pandemic, how our SOC’s data reinforces these recent findings and how you should be looking ahead.

Attack trend alert: REvil ransomware
Expel’s SOC spotted a new trend in REvil campaigns and they’re sounding the alarm. Find out what’s new about this type of attack, how our analysts spotted it and what you can do to protect your org.

Supply chain attack prevention: 3 things to do now
What do you do when you can’t trust the internet? Supply chain attacks like the SolarWinds Orion breach are not new. Here are some things you can do to help prepare and guard against similar attacks.

The SolarWinds Orion breach: 6 ideas on what to do next and why
Here are some of our early observations on the SolarWinds Orion breach, plus our ideas on what to do next to detect related activity and better protect your org.

Evilginx-ing into the cloud: How we detected a red team attack in AWS
Red team sneak attack? Bring it on. Find out how we tackled a red team attack using open source offensive security tools in AWS and what you can do to protect your org from similar attacks.

Obfuscation, reflective injection and domain fronting; oh my!
During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.

Managed Detection & Response for AWS
Our analysts had to think fast when they recently encountered an incident involving compromised AWS access keys. Find out how they identified the attack and then kicked the bad guy out.

Here’s what you need to know about business email compromise (BEC)
How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.