What happened. In mid-July 2025, attackers chained two SharePoint zero-days (CVE-2025-53770/53771), rapidly compromising hundreds of orgs across government, healthcare, and finance. CISA added them to KEV and issued analysis, and Microsoft confirmed active...
Cyber News
The Annual Board Report: Is Your 2025 Plan Ready?
Mid-year is the perfect time to review your security program status before the end-of-year rush.
Detection Engineering: A Practical Guide
Detection engineering transforms security monitoring from reactive alert-chasing into proactive threat hunting. Here’s how to build, test, and maintain detection rules like software.
Kernel Telemetry and ETW: The Future of EDR Detection
As attackers evolve their evasion techniques, defenders must move beyond user-mode hooks. Explore how kernel-level telemetry via ETW provides unbypassable visibility.
Bypassing Modern EDR Solutions: What Defenders Need to Know
Our red team recently demonstrated how sophisticated threat actors can evade endpoint detection. Here’s what we learned and how to strengthen your defenses.
Snowflake fallout: why SaaS data platforms are your biggest crown jewels
What happened. In 2025, stolen data linked to the 2024 Snowflake compromises resurfaced in leak-site posts (e.g., Ticketmaster, Santander). Analyses point to weak or missing MFA and stolen credentials rather than a Snowflake platform exploit—reminding teams that...