Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
| 2023-01-05 14:26:38 | eBPF: A new frontier for malware (direct link) | Extended Berkeley Packet Filter (eBPF) is beginning to transform the Linux malware landscape. Here's what defenders should look out for. | Malware | | ★★★★ |
| 2023-01-04 17:50:27 | Reporting for duty: Keeping up with the Red Canary portal (direct link) | Stay up to date with our latest reporting feature improvements so you know exactly what's happening in your cybersecurity environment. | | | ★ |
| 2023-01-04 17:31:36 | Identity detection support for CrowdStrike EDR (direct link) | Red Canary has now enabled advanced threat detection support for CrowdStrike endpoint logon telemetry for all CrowdStrike EDR customers. | Threat | | ★★ |
| 2022-12-22 15:43:07 | Intelligence Insights: December 2022 (direct link) | The ghost of malware past, Yellow Cockatoo, returns from hiatus while Gootloader unwraps new TTPs in this month's Intelligence Insights | Malware | | ★★★ |
| 2022-12-21 15:53:55 | Red Canary's best of 2022 (direct link) | Take a look back at the research, detection guidance, videos, and other resources we're most proud of this year. | | | ★★★ |
| 2022-12-20 20:50:24 | Thwarting account takeovers in Google Workspace (direct link) | Our expanded integration with Google Workspace ingests telemetry and alerts to help protect against account takeover threats. | | | ★★★ |
| 2022-12-19 16:21:08 | Atomic Red Team year in review (direct link) | Looking back fondly on how the Atomic family of open source tools grew in 2022, we review statistics, media, and project milestones galore. | | | ★★★ |
| 2022-12-12 23:09:06 | Confidence from context: The Red Canary threat timeline (direct link) | We have made some changes to our Threat Timeline user experience to make it easier to quickly get context and respond to threats faster. | Threat | | ★★ |
| 2022-12-08 18:30:42 | Fuzzing Golang msgpack for fun and panic (direct link) | How the Red Canary Product Security Team found a vulnerability in a Go programming language MessagePack implementation. | Vulnerability | | ★★ |
| 2022-12-07 19:45:00 | Integration update: ExtraHop Reveal(x) 360, Microsoft Defender for Cloud Apps, Cisco Meraki (direct link) | Red Canary expands its integrations across network, cloud, and SaaS app security with ExtraHop, Defender for Cloud Apps, and Cisco Meraki. | | | ★★ |
| 2022-11-28 17:53:22 | Intelligence Insights: November 2022 (direct link) | Qbot's campaign takes center stage while stealer malware attempts to swipe more than just the spotlight in this month's Intelligence Insights | Malware | | ★★★ |
| 2022-11-17 16:00:22 | Red Canary partners with ExtraHop (direct link) | Learn how the Red Canary MDR and ExtraHop NDR integration enables greater visibility and security monitoring across endpoints and systems. | | | |
| 2022-11-09 13:58:50 | Crude OilRig: Drilling into MITRE's Managed Service Evaluations (direct link) | Here's how Red Canary detected and thwarted simulated OilRig activity in MITRE's inaugural Managed Services ATT&CK® Evaluation. | | APT 34 | |
| 2022-11-07 13:44:13 | Validate your defenses with Atomic Test Harnesses for Linux and macOS (direct link) | The POSIX Atomic Test Harnesses suite leverages Python to emulate multiple variations of a given ATT&CK technique on Linux and macOS systems. | | | |
| 2022-11-03 17:32:35 | Why so, ISO? Mark-of-the-Web, explained (direct link) | Adversaries have started to ditch classic ZIP files in favor of more elusive ISO files to gain initial access. Here's what to look out for. | | | |
| 2022-11-01 19:35:19 | Going off script: Thwarting OSA, AppleScript, and JXA abuse (direct link) | Experts from Red Canary, Jamf, and MITRE ATT&CK opine on ways to detect and prevent manipulation of macOS's scripting architecture. | | | |
| 2022-10-26 17:32:50 | Jamf and Red Canary: Working together for expert level security (direct link) | Learn how the Jamf integration with Red Canary MDR provides expert-level security for MacOS devices against targeted MacOS threats. | | | |
| 2022-10-25 15:07:00 | Couples counseling for security teams and their business partners (direct link) | Despite conflicting priorities, infosec teams need to play nice with the rest of an organization to ensure everyone's security and success. | | | |
| 2022-10-20 15:44:24 | Intelligence Insights: October 2022 (direct link) | AdSearch ghosts, Qbot returns with new tricks, and PureCrypter loads malware treats. All this and more in this month's Intelligence Insights. | Malware | | ★★★ |
| 2022-10-19 17:37:26 | Persistent pests: A taxonomy of computer worms (direct link) | Many of the most notorious ransomware attacks, including WannaCry and NotPetya, began with a worm. Here's how you can help stop the spread. | Ransomware | NotPetya, Wannacry | |
| 2022-10-17 19:44:44 | Verified defense: Red Canary MDR scales your Microsoft security program (direct link) | Red Canary MDR is the first partner solution verified by Microsoft to deliver managed extended detection and response (MXDR). | | | |
| 2022-10-06 19:58:53 | Cloud coverage: Detecting an email payroll diversion attack (direct link) | Defenders have an abundance of useful Exchange telemetry to help detect payroll diversion schemes and other suspicious email activity. | | | |
| 2022-10-05 18:35:16 | Introducing Linux EDR Response Actions (direct link) | Red Canary now offers a plug-in option for Linux EDR customers to support automated cyber threat response actions. | Threat | | |
| 2022-09-29 16:10:35 | A brief history of security testing (direct link) | How internal security testing has evolved over the years to improve threat detection, mitigation, and other outcomes | Threat | | |
| 2022-09-22 15:03:18 | Intelligence Insights: September 2022 (direct link) | AdSearch remains number 1, SocGholish returns to the top 5, and malicious ISOs take hold as an increasingly popular delivery method | | | |
| 2022-09-15 15:01:28 | Forward thinking: How adversaries abuse Office 365 email rules (direct link) | This mind map demonstrates how adversaries exploit email conditional rules in Office 365 to execute business email compromise (BEC) schemes | | | |
| 2022-09-13 18:33:02 | Better know a data source: Process creation (direct link) | Process creation is a dominant data source in the world of behavioral endpoint detection. Here's why it's useful and where you can find it. | | | |
| 2022-09-12 13:00:57 | Dark Canary Rises (direct link) | By popular demand, dark mode is now available in the Red Canary portal - learn how to activate it in your account. | | | |
| 2022-08-23 16:17:46 | 4 hiring tips for building a cyber threat intelligence team (direct link) | Here are four things to keep in mind when interviewing candidates to join your cyber intelligence (CTI) team | Threat | | |
| 2022-08-18 21:53:55 | Integration update: Okta Workforce Identity, Cisco Umbrella, Palo Alto Networks Wildfire and Threat Prevention (direct link) | We're excited to announce new integrations with Okta Workforce Identity, Cisco Umbrella, and Palo Alto Networks Wildfire & Threat Prevention. | Threat | | |
| 2022-08-18 16:29:27 | Intelligence Insights: August 2022 (direct link) | AdSearch appears, Shlayer surges, and RedLine resurfaces in this month's edition of Intelligence Insights. | | | |
| 2022-08-16 18:52:58 | Stop account compromise with Red Canary MDR and Okta (direct link) | After detecting identity-based threats, see how Red Canary automatically responds in Okta Workforce Identity so you don't have to. | | | |
| 2022-08-15 17:42:14 | MDR vs MSSP: Which one is right for your organization? (direct link) | Learn the key functionality and differences between MDR providers and MSSPs so you can make the best security decision for your organization. | | | |
| 2022-08-11 19:27:54 | I got an alert, now what? (direct link) | Security analysts can take multiple approaches when responding to an alert. Here's what's worked best for us. | | | |
| 2022-08-11 19:20:59 | Your Linux data in one location (direct link) | Through our new Telemetry Search feature, find the Linux EDR data you need from the past 7 days in a single pane of glass. | | | |