Vulnerability

‹ Back to Blog
Security operations | 8 min read
Spotting suspicious logins at scale: (Alert) pathways to success

Find out how our SOC analysts used automation to reduce the time it takes to investigate and report a suspicious login by 75%. The team outlines the process and shares a case study of it in action.

Security operations | 9 min read
Obfuscation, reflective injection and domain fronting; oh my!

During a recent red team engagement, the CrowdStrike EDR Platform alerted our SOC team on the execution of a suspicious VBScript file. This is what they learned from untangling the malware code.

Tips | 6 min read
Malware operators Zoom’ing in

Over the weekend, Expel’s analysts discovered a new way attackers are using Zoom to compromise users’ security. Here’s what they learned and what you can do to avoid getting duped.

Security operations | 5 min read
MFA is not a silver bullet to secure your cloud email

Learn how dual or multi-factor authentication (MFA) are not an entirely secure solution for cloud email security on the Expel blog.

Security operations | 10 min read
Applying the NIST CSF to U.S. election security

NIST isn’t only useful for corporations -- it’s helpful for guiding security activities around processes like our national elections. Our CISO’s got some thoughts on exactly how to apply NIST to election security.

Security operations
Here’s what you need to know about business email compromise (BEC)

How often does a business email compromise actually happen? And what should you do about it? Our infographic answers those questions and more.

Security operations | 6 min read
How to make your org more resilient to common Mac OS attacks

Got Macs in your org? Here are a few recent Mac OS attack trends and how you can become more resilient to ‘em.

Tips | 4 min read
How public-private partnerships can support election security

Election security measures (or lack thereof) are making headlines. How can private sector orgs contribute to public sector security? Our CISO Bruce Potter’s got some ideas.

Tips | 4 min read
Five quick checks to prevent attackers from weaponizing your website

Here are some of the most frequent ways attackers can use your website and your web presence to harm your company, your users and the public at large.

Tips | 1 min read
Heads up: WPA2 vulnerability

A (very) quick overview of the reported WPA2 weakness. The TL;DR is “don’t flip out.” (1 min read)