Security operations | 8 min readSpotting suspicious logins at scale: (Alert) pathways to success
Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.
Security operations | 9 min readObfuscation, reflective injection and domain fronting; oh my!
During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.
Tips | 6 min readMalware operators Zoom’ing in
Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.
Security operations | 5 min readMFA is not a silver bullet to secure your cloud email
Learn how dual or multi-factor authentication (MFA) are not an entirely secure solution for cloud email security on the Expel blog.
Security operations | 10 min readApplying the NIST CSF to U.S. election security
NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.
Security operationsHere’s what you need to know about business email compromise (BEC)
How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.
Security operations | 6 min readHow to make your org more resilient to common Mac OS attacks
Got Macs in your org? Here are a few recent Mac OS attack trends and how you can become more resilient to ‘em.
Tips | 4 min readHow public-private partnerships can support election security
Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.
Tips | 4 min readFive quick checks to prevent attackers from weaponizing your website
Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.
Tips | 1 min readHeads up: WPA2 vulnerability
A (very) quick overview of the reported WPA2 weakness. The TL;DR is “don’t flip out.” (1 min read)