BLOG

Insights from the ArmorPoint team.

Threat research, operational playbooks, and security leadership.

Threat Intel

Defending Against Machine-Speed Attacks and Administrative Tool Exploitation

Machine-speed attacks represent a fundamental shift in how cyber threats are executed. Instead of relying on traditional malware or exploit chains, attackers are now leveraging valid credentials and trusted access to move through environments at the speed of automation.…

6 min read · aburgett
Threat Intel

Avoiding Credential Theft Attacks During the Holiday Season

The holiday season is one of the busiest times of the year for credential theft attacks. While many organizations prepare for reduced staffing and year-end deadlines, threat actors prepare for something else.…

4 min read · aburgett
Threat Intel

EDR Evasion Tactics on the Rise

Endpoint Detection and Response tools are central to how organizations detect and stop malicious activity. Security teams rely on EDR for real-time visibility into endpoint behavior, rapid detection of threats, and automated response actions.…

5 min read · aburgett
Threat Intel

Threat Intel: Emerging Email Client Threats to Watch

Email and collaboration tools remain the number one attack vector in 2025. Threat actors are increasingly abusing trusted platforms like Google Workspace and Microsoft 365 to bypass traditional defenses, steal credentials, and hijack accounts.

4 min read · aburgett
Threat Intel

LummaC2 Infostealer Malware: What Businesses Need to Know About the Latest CISA Advisory (AA25-141B)

On May 21, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory warning organizations about the active use of LummaC2 malware in targeted attacks.…

5 min read · aburgett
Threat Intel

April 2024 Cybersecurity Roundup: The Xeno Effect and Beyond

The April 2024 roundup highlights the rise of the "Xeno" remote access trojan (RAT) and the continued exploitation of vulnerabilities in popular software. A multi-faceted defense strategy that includes staff education on phishing, multi-factor authentication (MFA), and consistent software updates is essential to combat these evolving threats.

3 min read · aburgett
Threat Intel

ArmorPoint Analysts Discover Increased Malicious Use of Advanced IP Scanner

ArmorPoint analysts have observed a concerning trend of cybercriminals misusing Advanced IP Scanner, a legitimate tool, for network reconnaissance during the initial stages of an attack. Continuous network monitoring, behavior-based analytics, and advanced threat detection are essential to identify and counter this evolving threat.

3 min read · aburgett
Threat Intel

Email Account Compromise on the Rise

The increase in email account compromise (EAC) attacks highlights the importance of strong security practices like multi-factor authentication (MFA) and user awareness training. Proactive prevention and swift incident response are crucial for mitigating this threat.

5 min read · aburgett
Threat Intel

ArmorPoint Threat Intel: New Smartphone and Bluetooth Vulnerabilities

New Bluetooth and smartphone vulnerabilities expose users to remote code execution and tracking risks. Patching and disabling unused features are key mitigation steps.

3 min read · ArmorPoint
Articles

Three signs your SOC is drowning in alerts

Alert fatigue is not a personality trait; it is a measurable operational problem. Here are three concrete signals it has set in, and what to do about each.

4 min read · ArmorPoint Team