| Date (GMT) | Title | Description | Tags | Stories | Notes |
| 2023-03-22 15:12:19 | A guided tour of the 2023 Threat Detection Report | For the fifth year in a row, we're bringing you expert analysis of the top trends, threats, and MITRE ATT&CK techniques. | Threat | | ★★ |
| 2023-03-17 15:47:26 | Improve your cyber threat coverage with Microsoft E5 | Learn how all of the Microsoft E5 license security features can improve your cyber threat coverage and operational ROI. | Threat, Cloud | | ★★★ |
| 2023-03-16 17:15:56 | Diary of a Detection Engineer: Exposing and shutting down an inbox heist in action | Here's what Red Canary's detection engineers discovered while responding to and investigating a compromised email account. | | | ★★★ |
| 2023-03-13 16:10:05 | Streamlined and secure: Red Canary upgrades to SentinelOne Cloud Funnel 2.0 | Red Canary now supports SentinelOne's newest data export mechanism, Cloud Funnel 2.0, providing customers with more enriched XDR data. | Cloud | | ★★ |
| 2023-03-08 16:31:52 | Gatekeeping in macOS: Keeping adversaries off our Apples | Gatekeeper is the centerpiece of Apple's effort to protect macOS users from malicious software and other untrusted code. | | | ★★ |
| 2023-02-28 20:12:31 | Intelligence Insight: Tax-themed phishing emails delivering GuLoader | Red Canary is detecting adversaries delivering tax season-themed phishing emails to distribute GuLoader malware. | Malware | | ★★ |
| 2023-02-23 18:38:50 | Respond automatically to compromised credentials in Azure Active Directory | Use Red Canary's automated playbooks to respond to compromised credentials and prevent credential theft in your Azure AD environment. | | | ★★★ |
| 2023-02-23 16:17:53 | Intelligence Insights: February 2023 | New year, old foes: SocGholish surges, IcedID returns from holiday hiatus, and affiliates leverage OneNote. | | | ★★ |
| 2023-02-14 16:51:09 | Tip of the CAP: Getting started with Conditional Access Policies | Admins can leverage Microsoft's Conditional Access Policies to prevent unauthorized Azure logins, even in the face of stolen credentials. | | | ★★ |
| 2023-02-08 14:44:45 | Atomic Habits, atomic tests | One of Red Canary's cofounders lays out a clear framework for setting a security testing program in motion, with help from Atomic Red Team. | | | ★★ |
| 2023-02-01 17:13:54 | Detecting credential access without losing cred | Experts from Red Canary, MITRE, and CrowdStrike share detection and testing guidance to keep credentials out of the wrong hands. | | | ★★★ |
| 2023-01-26 16:55:36 | Red Canary & Lacework: Bringing MDR to the Cloud | Red Canary now integrates with Lacework's Polygraph Platform to extend cloud security coverage across your entire organization. | | | ★★ |
| 2023-01-19 19:30:44 | Intelligence Insights: January 2023 | End-of-year testing boosts Mimikatz & BloodHound, and ProxyNotShell is on the rise in this month's edition of Intelligence Insights. | | | ★★★★ |
| 2023-01-16 16:00:08 | The power of threat intelligence at your fingertips | Red Canary's library of Intelligence Profiles empowers you to respond to cyber threats immediately with a wealth of context. | Threat | | ★★ |
| 2023-01-12 14:00:12 | Using Microsoft Sentinel to fuel MDR | Red Canary expands its integration with Microsoft Sentinel to harness the power of SIEM for threat detection and response. | Threat | | ★★ |
| 2023-01-11 15:09:45 | Bootstrapping your AppSec program | Senior Security Engineer David Girvin offers advice on how to build a strong AppSec team through some unconventional means. | | | ★★ |
| 2023-01-05 14:26:38 | eBPF: A new frontier for malware | Extended Berkeley Packet Filter (eBPF) is beginning to transform the Linux malware landscape. Here's what defenders should look out for. | Malware | | ★★★★ |
| 2023-01-04 17:50:27 | Reporting for duty: Keeping up with the Red Canary portal | Stay up to date with our latest reporting feature improvements so you know exactly what's happening in your cybersecurity environment. | | | ★ |
| 2023-01-04 17:31:36 | Identity detection support for CrowdStrike EDR | Red Canary has now enabled advanced threat detection support for CrowdStrike endpoint logon telemetry for all CrowdStrike EDR customers. | Threat | | ★★ |
| 2022-12-22 15:43:07 | Intelligence Insights: December 2022 | The ghost of malware past, Yellow Cockatoo, returns from hiatus while Gootloader unwraps new TTPs in this month's Intelligence Insights. | Malware | | ★★★ |
| 2022-12-21 15:53:55 | Red Canary's best of 2022 | Take a look back at the research, detection guidance, videos, and other resources we're most proud of this year. | | | ★★★ |
| 2022-12-20 20:50:24 | Thwarting account takeovers in Google Workspace | Our expanded integration with Google Workspace ingests telemetry and alerts to help protect against account takeover threats. | | | ★★★ |
| 2022-12-19 16:21:08 | Atomic Red Team year in review | Looking back fondly on how the Atomic family of open source tools grew in 2022, we review statistics, media, and project milestones galore. | | | ★★★ |
| 2022-12-12 23:09:06 | Confidence from context: The Red Canary threat timeline | We have made some changes to our Threat Timeline user experience to make it easier to quickly get context and respond to threats faster. | Threat | | ★★ |
| 2022-12-08 18:30:42 | Fuzzing Golang msgpack for fun and panic | How the Red Canary Product Security Team found a vulnerability in a Go programming language MessagePack implementation. | Vulnerability | | ★★ |
| 2022-12-07 19:45:00 | Integration update: ExtraHop Reveal(x) 360, Microsoft Defender for Cloud Apps, Cisco Meraki | Red Canary expands its integrations across network, cloud, and SaaS app security with ExtraHop, Defender for Cloud Apps, and Cisco Meraki. | | | ★★ |
| 2022-11-28 17:53:22 | Intelligence Insights: November 2022 | Qbot's campaign takes center stage while stealer malware attempts to swipe more than just the spotlight in this month's Intelligence Insights. | Malware | | ★★★ |
| 2022-11-17 16:00:22 | Red Canary partners with ExtraHop | Learn how the Red Canary MDR and ExtraHop NDR integration enables greater visibility and security monitoring across endpoints and systems. | | | |
| 2022-11-09 13:58:50 | Crude OilRig: Drilling into MITRE's Managed Service Evaluations | Here's how Red Canary detected and thwarted simulated OilRig activity in MITRE's inaugural Managed Services ATT&CK® Evaluation. | | APT 34 | |
| 2022-11-07 13:44:13 | Validate your defenses with Atomic Test Harnesses for Linux and macOS | The POSIX Atomic Test Harnesses suite leverages Python to emulate multiple variations of a given ATT&CK technique on Linux and macOS systems. | | | |
| 2022-11-03 17:32:35 | Why so, ISO? Mark-of-the-Web, explained | Adversaries have started to ditch classic ZIP files in favor of more elusive ISO files to gain initial access. Here's what to look out for. | | | |
| 2022-11-01 19:35:19 | Going off script: Thwarting OSA, AppleScript, and JXA abuse | Experts from Red Canary, Jamf, and MITRE ATT&CK opine on ways to detect and prevent manipulation of macOS's scripting architecture. | | | |
| 2022-10-26 17:32:50 | Jamf and Red Canary: Working together for expert level security | Learn how the Jamf integration with Red Canary MDR provides expert-level security for macOS devices against targeted macOS threats. | | | |
| 2022-10-25 15:07:00 | Couples counseling for security teams and their business partners | Despite conflicting priorities, infosec teams need to play nice with the rest of an organization to ensure everyone's security and success. | | | |
| 2022-10-20 15:44:24 | Intelligence Insights: October 2022 | AdSearch ghosts, Qbot returns with new tricks, and PureCrypter loads malware treats. All this and more in this month's Intelligence Insights. | Malware | | ★★★ |
| 2022-10-19 17:37:26 | Persistent pests: A taxonomy of computer worms | Many of the most notorious ransomware attacks, including WannaCry and NotPetya, began with a worm. Here's how you can help stop the spread. | Ransomware | NotPetya, Wannacry | |
| 2022-10-17 19:44:44 | Verified defense: Red Canary MDR scales your Microsoft security program | Red Canary MDR is the first partner solution verified by Microsoft to deliver managed extended detection and response (MXDR). | | | |
| 2022-10-06 19:58:53 | Cloud coverage: Detecting an email payroll diversion attack | Defenders have an abundance of useful Exchange telemetry to help detect payroll diversion schemes and other suspicious email activity. | | | |
| 2022-10-05 18:35:16 | Introducing Linux EDR Response Actions | Red Canary now offers a plug-in option for Linux EDR customers to support automated cyber threat response actions. | Threat | | |
| 2022-09-29 16:10:35 | A brief history of security testing | How internal security testing has evolved over the years to improve threat detection, mitigation, and other outcomes. | Threat | | |
| 2022-09-22 15:03:18 | Intelligence Insights: September 2022 | AdSearch remains number 1, SocGholish returns to the top 5, and malicious ISOs take hold as an increasingly popular delivery method. | | | |
| 2022-09-15 15:01:28 | Forward thinking: How adversaries abuse Office 365 email rules | This mind map shows how adversaries abuse conditional inbox rules in Office 365 to carry out business email compromise (BEC) schemes. | | | |
| 2022-09-13 18:33:02 | Better know a data source: Process creation | Process creation is a dominant data source in the world of behavioral endpoint detection. Here's why it's useful and where you can find it. | | | |
| 2022-09-12 13:00:57 | Dark Canary Rises | By popular demand, dark mode is now available in the Red Canary portal. Learn how to activate it in your account. | | | |
| 2022-08-23 16:17:46 | 4 hiring tips for building a cyber threat intelligence team | Here are four things to keep in mind when interviewing candidates to join your cyber threat intelligence (CTI) team. | Threat | | |
| 2022-08-18 21:53:55 | Integration update: Okta Workforce Identity, Cisco Umbrella, Palo Alto Networks WildFire and Threat Prevention | We're excited to announce new integrations with Okta Workforce Identity, Cisco Umbrella, and Palo Alto Networks WildFire & Threat Prevention. | Threat | | |
| 2022-08-18 16:29:27 | Intelligence Insights: August 2022 | AdSearch appears, Shlayer surges, and RedLine resurfaces in this month's edition of Intelligence Insights. | | | |
| 2022-08-16 18:52:58 | Stop account compromise with Red Canary MDR and Okta | After detecting identity-based threats, see how Red Canary automatically responds in Okta Workforce Identity so you don't have to. | | | |
| 2022-08-15 17:42:14 | MDR vs MSSP: Which one is right for your organization? | Learn the key functionality and differences between MDR providers and MSSPs so you can make the best security decision for your organization. | | | |
| 2022-08-11 19:27:54 | I got an alert, now what? | Security analysts can take multiple approaches when responding to an alert. Here's what's worked best for us. | | | |
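Two of the entries above, "Forward thinking: How adversaries abuse Office 365 email rules" and "Cloud coverage: Detecting an email payroll diversion attack", both come down to the same detection problem: an attacker with a stolen mailbox creates or edits an inbox rule that forwards, hides or deletes the finance-themed mail they want to intercept. The script below is an added example of triaging such rules from Exchange audit telemetry; it is not Red Canary's detection logic and does not come from either post. The records are constructed; their shape (Operation, UserId, ClientIP and a Parameters list of Name/Value pairs) follows the Microsoft 365 Unified Audit Log layout for New-InboxRule and Set-InboxRule, while the tenant domain list (INTERNAL_DOMAINS), the keyword list, the folder list and the scoring weights are assumptions you would tune to your own environment.

```python
"""Triage Exchange inbox-rule audit records for BEC / payroll-diversion tradecraft.

Added example, not Red Canary's detection code. Records below are constructed;
their shape follows the Microsoft 365 Unified Audit Log format for Exchange
cmdlets (Operation, UserId, ClientIP, Parameters=[{Name, Value}, ...]).
"""
import re

INTERNAL_DOMAINS = {"example.com"}  # assumption: the tenant's own mail domains
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}
FORWARD_PARAMS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")
# assumed keyword and folder lists; tune to the organisation
FINANCE_WORDS = ("payroll", "direct deposit", "invoice", "wire", "bank", "w-2", "password")
HIDE_FOLDERS = {"rss feeds", "rss subscriptions", "archive", "conversation history",
                "junk email", "deleted items", "notes"}

SAMPLE_RECORDS = [  # constructed, not real telemetry
    {"Operation": "New-InboxRule", "UserId": "alice@example.com", "ClientIP": "203.0.113.7",
     "Parameters": [{"Name": "Name", "Value": "."},
                    {"Name": "SubjectOrBodyContainsWords", "Value": "payroll;direct deposit;invoice"},
                    {"Name": "ForwardTo", "Value": "Finance Team [SMTP:finance-ap@example.net]"},
                    {"Name": "DeleteMessage", "Value": "True"},
                    {"Name": "MarkAsRead", "Value": "True"}]},
    {"Operation": "New-InboxRule", "UserId": "bob@example.com", "ClientIP": "198.51.100.20",
     "Parameters": [{"Name": "Name", "Value": "Newsletters"},
                    {"Name": "FromAddressContainsWords", "Value": "newsletter"},
                    {"Name": "MoveToFolder", "Value": "bob@example.com:\\Newsletters"}]},
    {"Operation": "Set-InboxRule", "UserId": "carol@example.com", "ClientIP": "203.0.113.9",
     "Parameters": [{"Name": "Identity", "Value": "Finance"},
                    {"Name": "SubjectContainsWords", "Value": "wire transfer"},
                    {"Name": "MoveToFolder", "Value": "carol@example.com:\\RSS Feeds"},
                    {"Name": "MarkAsRead", "Value": "True"}]},
    {"Operation": "New-InboxRule", "UserId": "dave@example.com", "ClientIP": "198.51.100.21",
     "Parameters": [{"Name": "Name", "Value": "Cover while out"},
                    {"Name": "ForwardTo", "Value": "Erin Example [SMTP:erin@example.com]"}]},
]


def rule_params(record):
    """Flatten the audit record's Parameters list into {name: value}."""
    return {p["Name"]: str(p.get("Value", "")) for p in record.get("Parameters", [])}


def external_recipients(value, internal_domains=INTERNAL_DOMAINS):
    """Pull SMTP addresses out of a forwarding parameter ("Name [SMTP:user@host]" or
    bare addresses) and keep only those outside the tenant's domains."""
    addrs = re.findall(r"[\w.+-]+@[\w.-]+", value)
    return [a for a in addrs if a.rsplit("@", 1)[1].lower() not in internal_domains]


def evaluate_rule(record, internal_domains=INTERNAL_DOMAINS):
    """Score one inbox-rule audit record; returns (score, reasons). Other cmdlets score 0."""
    if record.get("Operation") not in RULE_OPERATIONS:
        return 0, []
    p = rule_params(record)
    score, reasons = 0, []
    for param in FORWARD_PARAMS:  # exfiltration: mail leaves the tenant
        ext = external_recipients(p.get(param, ""), internal_domains)
        if ext:
            score += 3
            reasons.append(f"{param} sends mail outside the tenant: {', '.join(ext)}")
    if p.get("DeleteMessage", "").lower() == "true":  # victim never sees the thread
        score += 2
        reasons.append("matching mail is deleted")
    folder = re.split(r"[\\:]", p.get("MoveToFolder", ""))[-1].strip().lower()
    if folder in HIDE_FOLDERS:  # parked in a folder nobody reads
        score += 2
        reasons.append(f"matching mail is hidden in folder '{folder}'")
    if p.get("MarkAsRead", "").lower() == "true":
        score += 1
        reasons.append("matching mail is marked as read")
    haystack = " ".join(p.get(k, "") for k in
                        ("SubjectContainsWords", "BodyContainsWords", "SubjectOrBodyContainsWords")).lower()
    hits = [w for w in FINANCE_WORDS if w in haystack]
    if hits:  # the rule targets exactly the conversations a BEC actor wants
        score += 2
        reasons.append(f"filters on finance keywords: {', '.join(hits)}")
    name = (p.get("Name") or p.get("Identity") or "").strip()
    if len(name) <= 2:  # throwaway names like "." or "," are a common tell
        score += 1
        reasons.append(f"rule name is empty or a single character ({name!r})")
    return score, reasons


def triage(records, threshold=4, internal_domains=INTERNAL_DOMAINS):
    """Return rule creations/changes scoring at or above threshold, most suspicious first."""
    findings = []
    for r in records:
        score, reasons = evaluate_rule(r, internal_domains)
        if score >= threshold:
            p = rule_params(r)
            findings.append({"user": r.get("UserId"), "client_ip": r.get("ClientIP"),
                             "operation": r.get("Operation"),
                             "rule": p.get("Name") or p.get("Identity"),
                             "score": score, "reasons": reasons})
    return sorted(findings, key=lambda f: f["score"], reverse=True)


if __name__ == "__main__":
    for f in triage(SAMPLE_RECORDS):
        print(f"[{f['score']}] {f['user']} {f['operation']} '{f['rule']}' from {f['client_ip']}")
        for why in f["reasons"]:
            print("    -", why)
```

Run against the constructed records, the rule that forwards payroll mail to example.net and deletes the original scores highest, the rule that files "wire transfer" mail under RSS Feeds is flagged as well, and the newsletter rule and the internal forward to a colleague fall below the threshold. The weights are deliberately additive rather than a single signature so that a rule with no external forward but a hide-folder plus finance keywords still surfaces, which is what the payroll-diversion post describes; pivoting on ClientIP and the same user's concurrent sign-in telemetry is the natural next step the inbox-heist diary entry covers.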