Security operations | 1 min read
Security alert: Palo Alto Networks PAN-OS GlobalProtect Command Injection Vulnerability

Palo Alto Networks disclosed that attackers are exploiting a vulnerability in PAN-OS for GlobalProtect. Here's what you need to know. 

Security operations | 1 min read
Security alert: XZ Linux utility backdoor

Researchers identified a backdoor into the XZ Linux utility, via supply chain compromise. Here’s what you need to know.

Security operations | 2 min read
Security alert: Ivanti Connect Secure and Policy Secure zero-day vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) believes threat actors are exploiting Ivanti Connect Secure and Policy Secure zero-day vulnerabilities. Here's what to know.

Security operations | 2 min read
Security alert: ConnectWise ScreenConnect 23.9.8 security fix

Vulnerabilities affecting ConnectWise versions 23.9.7 and prior leave self-hosted and on-premise ScreenConnect instances exposed to attackers. Here’s what happened and what you can do about it now.

Security operations | 8 min read
Spotting suspicious logins at scale: (Alert) pathways to success

Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.

Security operations | 9 min read
Obfuscation, reflective injection and domain fronting; oh my!

During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.

Tips | 6 min read
Malware operators Zoom’ing in

Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.

Security operations | 5 min read
MFA is not a silver bullet to secure your cloud email

Learn how dual or multi-factor authentication (MFA) is not an entirely secure solution for cloud email security on the Expel blog.

Security operations | 10 min read
Applying the NIST CSF to U.S. election security

NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.

Security operations
Here’s what you need to know about business email compromise (BEC)

How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.

Security operations | 6 min read
How to make your org more resilient to common Mac OS attacks

Got Macs in your org? Here are a few recent Mac OS attack trends and how you can become more resilient to ‘em.

Tips | 4 min read
How public-private partnerships can support election security

Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.

Tips | 4 min read
Five quick checks to prevent attackers from weaponizing your website

Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.

Tips | 1 min read
Heads up: WPA2 vulnerability

A (very) quick overview of the reported WPA2 weakness. The TL;DR is “don’t flip out.”