Threat research, operational playbooks, and security leadership.
10 results
Machine-speed attacks represent a fundamental shift in how cyber threats are executed. Instead of relying on traditional malware or exploit chains, attackers are now leveraging valid credentials and trusted access to move through environments at the speed of automation.…
The holiday season is one of the busiest times of the year for credential theft attacks. While many organizations prepare for reduced staffing and year-end deadlines, threat actors prepare for something else.…
Endpoint Detection and Response tools are central to how organizations detect and stop malicious activity. Security teams rely on EDR for real time visibility into endpoint behavior, rapid detection of threats, and automated response actions.…
Email and collaboration tools remain the number one attack vector in 2025. Threat actors are increasingly abusing trusted platforms like Google Workspace and Microsoft 365 to bypass traditional defenses, steal credentials, and hijack accounts.
On May 21, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a joint advisory warning organizations about the active use of LummaC2 malware in targeted attacks.…
The April 2024 roundup highlights the rise of the "Xeno" remote access trojan (RAT) and the continued exploitation of vulnerabilities in popular software. A multi-faceted defense strategy that includes staff education on phishing, multi-factor authentication (MFA), and consistent software updates is essential to combat these evolving threats.
ArmorPoint analysts have observed a concerning trend of cybercriminals misusing Advanced IP Scanner, a legitimate tool, for network reconnaissance during the initial stages of an attack. Continuous network monitoring, behavior-based analytics, and advanced threat detection are essential to identify and counter this evolving threat.
The increase in email account compromise (EAC) attacks highlights the importance of strong security practices like multi-factor authentication (MFA) and user awareness training. Proactive prevention and swift incident response are crucial for mitigating this threat.
New Bluetooth and smartphone vulnerabilities expose users to remote code execution and tracking risks. Patching and disabling unused features are key mitigation steps.
Alert fatigue is not a personality trait, it is a measurable operational problem. Here are three concrete signals it has set in, and what to do about each.