Here’s what you missed on Office Hours: October 2025
AI agents, threat hunting 101, supply chain scaries, and more: Catch up on the last month's episodes of Red Canary Office Hours.
The Red Canary Blog: Information Security Insights
Unmasking risks that haunt your supply chain
4 days 1 hour ago
A spooky guide to supply chain vulnerabilities with advice on how to scare off adversaries from your system
Laura Brosnan
The art and science of effective security storytelling
1 week ago
Three criteria for assessing quality security data that enables faster responses and effective ROI storytelling
Matt Graeber
Intelligence Insights: October 2025
1 week 3 days ago
Tampered Chef serves up a smorgasbord of suspicious activity in this month’s edition of Intelligence Insights
The Red Canary Team
Commanding attention: How adversaries are abusing AI CLI tools
2 weeks 5 days ago
Adversaries are taking to the command line, abusing AI tools like Claude Code to launch malicious prompts and steal credentials.
Jesse Griggs
A taxonomy of Mac stealers: Distinguishing Atomic, Odyssey, and Poseidon
3 weeks 4 days ago
Set sail with us as we compare and contrast three of the biggest players in the macOS stealer ecosystem: Atomic, Poseidon, and Odyssey
Tony Lambert
Red Canary CFP tracker: October 2025
1 month ago
Red Canary's monthly roundup of upcoming security conferences and calls for papers (CFP) submission deadlines
Shelley Moore
Here’s what you missed on Office Hours: September 2025
1 month ago
Phishing campaigns dropping RMM tools and WordPress sites delivering malware: Catch up on the last month of Red Canary Office Hours
Redefining incident response in the age of AI
1 month 1 week ago
Our updated Incident Response and Readiness guide provides a blueprint for responsibly incorporating AI into your IR program.
Laura Brosnan
Intelligence Insights: September 2025
1 month 1 week ago
King KongTuke debuts at no. 1, and we offer detection opportunities for paste-and-run-lures in this month’s edition of Intelligence Insights
The Red Canary Team
Double agents: How adversaries can abuse “agent mode” in commercial AI products
1 month 1 week ago
As AI assistants become capable of performing actions on behalf of a user, be on the lookout for “AI-in-the-middle (AIitM) attacks”
Alex Walston
Node problem: Tracking recent npm package compromises
1 month 1 week ago
Recent npm supply chain attacks highlight why robust mitigation and response strategies are required for both developers and users.
Tony Lambert
You’re invited: Four phishing lures in campaigns dropping RMM tools
1 month 3 weeks ago
Joint research from Red Canary Intelligence and Zscaler threat hunters spotlights phishing campaigns dropping RMM tools
Red Canary Intelligence
Understanding OAuth application attacks and defenses
1 month 4 weeks ago
Red Canary’s Threat Hunting team recently uncovered a malicious OAuth application attack, demonstrating the need for specific defenses.
Chris Brook
Red Canary CFP tracker: September 2025
2 months ago
Red Canary's monthly roundup of upcoming security conferences and calls for papers (CFP) submission deadlines
Shelley Moore
Here’s what you missed on Office Hours: August 2025
2 months ago
OAuth application abuse, emerging cloud tradecraft and the AI threat landscape: Catch up on last month's episodes of Red Canary Office Hours.
Intelligence Insights: August 2025
2 months 1 week ago
Precursors get preempted and NetSupport Manager gets promoted in this month’s edition of Intelligence Insights
The Red Canary Team
Respond faster and empower users with Red Canary Managed Phishing Response
2 months 2 weeks ago
Managed Phishing Response offers AI-powered triage, rapid expert analysis, and tailored feedback for every user-reported phishing email
Jake Davidson
Patching for persistence: How DripDropper Linux malware moves through the cloud
2 months 2 weeks ago
DripDropper is a Red Canary-named Linux malware variant that uses an encrypted PyInstaller ELF file to communicate with a Dropbox account.
Christina Johns
12 questions to ask before you buy MDR
2 months 2 weeks ago
Essential questions you should ask managed detection and response (MDR) providers before you make your investment
Checked
10 hours 41 minutes ago