Rapid response | 1 min read
Security alert: critical Fortigate remote code execution vulnerability

Get a clear breakdown of the critical Fortigate Firewall vulnerability's impact and steps you can take to reduce your risk.

Rapid response | 2 min read
Security alert: 3CXDesktopApp supply chain attack

A supply chain attack on 3CXDesktopApp can turn installers into malicious tools. Learn the steps you can take to mitigate the risk.

Rapid response | 5 min read
Incident report: stolen AWS access keys

Learn what happens after AWS access keys are stolen. Our teams collaborated on a real-world incident. Read how we responded to the attack.

Rapid response | 3 min read
Emerging Threat: CircleCI Security Incident

A security incident at CircleCI requires immediate credential rotation. Learn what happened, why it matters, and the steps to take to mitigate the risk.

Rapid response | 2 min read
Security alert: high-severity vulnerability affecting OpenSSL V3 and higher

Two new security flaws affect OpenSSL v3.0 and later. Learn about the vulnerabilities and why you should upgrade to v3.0.7 as soon as it's reasonable.

Rapid response | 2 min read
Emerging Threats: Microsoft Exchange On-Prem Zero-Days

A new zero-day vulnerability affects Microsoft Exchange Server. Until a patch is issued, here are the steps you can take to mitigate risk.

Rapid response | 2 min read
Emerging threat: BEC payroll fraud advisory

Our SOC observed BEC attacks targeting Workday to commit payroll fraud. Learn how to protect your human capital management systems.

Cloud security | 3 min read
GCP Incident report: Spotting an attacker in Google Cloud

Our guide details a GCP incident, from initial attacker access to resolution. Learn our key takeaways for securing your cloud environment.

Rapid response | 6 min read
Incident report: From CLI to console, chasing an attacker in AWS

We detected and stopped unauthorized access in a customer's AWS environment. Learn how we spotted it, what we did, and key takeaways for your security.

Current events | 8 min read
Top Attack Vectors: February 2022

Stay ahead of the latest threats. Our report on February 2022 incidents reveals top attack vectors and recommendations to protect your org.

Current events | 6 min read
Top Attack Vectors: January 2022

Get the top attack vectors and trends from our SOC's January 2022 incident investigations. Learn our key recommendations to protect your org.

Cloud security | 4 min read
Attack trend alert: AWS-themed credential phishing technique

Attackers are phishing with fake AWS log-in pages. See how our crew identified and triaged a malicious email to protect a customer.

Current events | 7 min read
Top attack vectors: December 2021

Get the top attack vectors and trends from our SOC's December 2021 incident investigations. Learn our key recommendations to protect your org.

Current events | 7 min read
Top attack vectors: November 2021

Stay ahead of the latest threats. Our report on November 2021 incidents reveals top attack vectors and recommendations to protect your org.

Current events | 6 min read
Top attack vectors: October 2021

Get the top attack vectors and trends from our SOC's October 2021 incident investigations. Learn our key recommendations to protect your org.

Current events | 5 min read
Top attack vectors: September 2021

Get the top attack vectors and trends from our SOC's September 2021 incident investigations. Learn our key recommendations to protect your org.

Current events | 5 min read
Top attack vectors: August 2021

Get the top attack vectors and trends from our SOC's August 2021 incident investigations. Learn our key recommendations to protect your org.

Data & research | 6 min read
Swimming past 2FA, part 2: How to investigate Okta compromise

You know how to spot an Okta compromise. Now read our investigation walkthrough and get five tips to strengthen your security defense.

Current events | 5 min read
Top Attack Vectors: July 2021

Get the top attack vectors and trends from our SOC's July 2021 incident investigations. Learn our key recommendations to protect your org.

MDR | 9 min read
Well that escalated quickly: How a red team went from domain user to kernel memory

A red team deployed a custom rootkit via PowerShell. Find out how we spotted the crafty tactics and successfully defended the network.

Rapid response | 5 min read
Incident report: Spotting SocGholish WordPress injection

Our SOC stopped a ransomware attack that compromised WordPress CMS to deliver a RAT. Get our recommendations to secure your site now.

Current events | 3 min read
Kaseya supply chain attack: What you need to know

Ransomware attack hits Fourth of July weekend. Learn what’s happening and the immediate steps to take to protect your org right now.

MDR | 4 min read
Someone in your industry got hit with ransomware. What now?

How do targeted attacks differ from common opportunistic attacks? Here are tips on keeping your org safe from these types of ransomware attacks.

Cloud security | 7 min read
Cloud attack trends: What you need to know and how to stay resilient

Top pandemic attack trends are here. Learn how to remediate and use our crew’s tips to build resilience against these attacks.

Current events | 3 min read
Attack trend alert: REvil ransomware

A new REvil campaign trend is here. Find out what's new about the attack, how our SOC spotted it, and what you can do to protect your org.

Rapid response | 1 min read
Heads up: WPA2 vulnerability

A (very) quick overview of the reported WPA2 weakness. The TL;DR is “don’t flip out” because this is an example of bug marketing.