Vulnerability
Expel insider | 2 min read
A secure world is built together: closing out Cybersecurity Awareness Month
It's the end of Cybersecurity Awareness Month, but these resources are useful every month of the year to enhance resilience and stay secure.
Expel insider | 3 min read
Happy Halloween! Cybersecurity horror stories from SOCs past
Enjoy these horror stories from past SOCs, as our analysts share their most haunting tales from previous roles (and get some tips, too).
Security operations | 7 min read
MDR insights: how our SOC identified & responded to CVE-2024-3400
Learn how Expel's security operations center (SOC) identified and resolved CVE-2024-3400 for one of our customers.
Security operations | 5 min read
MDR insights: using vulnerability data to inform remediation strategies
MDR vulnerabilities data can be used with EPSS scoring and the CISA catalog to glean insights, reduce alert noise, and guide remediation.
Expel insider | 3 min read
A recap: Expel’s 2024 Black Hat experience
Black Hat 2024 is over, and the big themes this year were vulnerabilities, election infrastructure, and evaluating security maturity. Also, we debuted our new burnout ebook.
Security operations | 1 min read
Security alert: Palo Alto Networks PAN-OS GlobalProtect Command Injection Vulnerability
Palo Alto Networks disclosed that attackers are exploiting a vulnerability in PAN-OS for GlobalProtect. Here's what you need to know.
Security operations | 1 min read
Security alert: XZ Linux utility backdoor
Researchers identified a backdoor into the XZ Linux utility, via supply chain compromise. Here’s what you need to know.
Security operations | 2 min read
Security alert: Ivanti Connect Secure and Policy Secure zero-day vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) believes threat actors are exploiting Ivanti Connect Secure and Policy Secure zero-day vulnerabilities. Here's what to know.
Security operations | 2 min read
Security alert: ConnectWise ScreenConnect 23.9.8 security fix
Vulnerabilities affecting ConnectWise versions 23.9.7 and prior leave self-hosted and on-premise ScreenConnect instances exposed to attackers. Here’s what happened and what you can do about it now.
Security operations | 8 min read
Spotting suspicious logins at scale: (Alert) pathways to success
Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.
Security operations | 9 min read
Obfuscation, reflective injection and domain fronting; oh my!
During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.
Tips | 6 min read
Malware operators Zoom’ing in
Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.
Security operations | 5 min read
MFA is not a silver bullet to secure your cloud email
Learn how dual or multi-factor authentication (MFA) is not an entirely secure solution for cloud email security on the Expel blog.
Security operations | 10 min read
Applying the NIST CSF to U.S. election security
NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.
Security operations
Here’s what you need to know about business email compromise (BEC)
How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.
Security operations | 6 min read
How to make your org more resilient to common Mac OS attacks
Got Macs in your org? Here are a few recent Mac OS attack trends and how you can become more resilient to ‘em.
Tips | 4 min read
How public-private partnerships can support election security
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
Tips | 4 min read
Five quick checks to prevent attackers from weaponizing your website
Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.
Tips | 1 min read
Heads up: WPA2 vulnerability
A (very) quick overview of the reported WPA2 weakness. The TL;DR is “don’t flip out.” (1 min read)