Intelligence Insights: June 2025 The Red Canary Blog: Information Security Insights 1 day 9 hours ago Amber Albatross abides and a new color bird threat, Mocha Manakin, manifests in this month's edition of Intelligence Insights The Red Canary Team
Mocha Manakin delivers custom NodeJS backdoor via paste and run The Red Canary Blog: Information Security Insights 1 day 9 hours ago Named by Red Canary, Mocha Manakin uses paste and run with PowerShell to drop a custom NodeJS backdoor that could lead to ransomware Red Canary Intelligence
A large learning model: Red Canary’s AI journey The Red Canary Blog: Information Security Insights 1 week 2 days ago Red Canary was experimenting with generative AI B.C. (before ChatGPT). Our new next-gen AI agents are the capstone of a years-long journey. Rafael Del Rey
All about that baseline: Detecting anomalies with Surveyor The Red Canary Blog: Information Security Insights 2 weeks ago The Surveyor open source tool can help organizations establish a baseline of their environment, verify activity, and investigate anomalies. Tre Wilkins
Red Canary CFP tracker: June 2025 The Red Canary Blog: Information Security Insights 2 weeks 1 day ago Red Canary's monthly roundup of upcoming security conferences and calls for papers (CFP) submission deadlines Shelley Moore
Here’s what you missed on Office Hours: May 2025 The Red Canary Blog: Information Security Insights 3 weeks ago
Red Canary to join Zscaler The Red Canary Blog: Information Security Insights 3 weeks 2 days ago Today we are announcing a major milestone in our journey – Zscaler has signed a definitive agreement to acquire Red Canary. Brian Beyer
Intelligence Insights: May 2025 The Red Canary Blog: Information Security Insights 4 weeks ago Amber Albatross continues its reign and Latrodectus crawls into the top 10 in this month's edition of Intelligence Insights The Red Canary Team
Getting started with Conditional Access: Comparing Entra ID Conditional Access with Cisco Duo Security The Red Canary Blog: Information Security Insights 4 weeks 1 day ago Everything you need to know about the differences between conditional access policies in Microsoft Entra ID and Cisco Duo. Sam Straka
Getting started with Conditional Access: Comparing Entra ID Conditional Access with Okta The Red Canary Blog: Information Security Insights 1 month ago Everything you need to know about the differences between conditional access policies in Microsoft Entra ID and Okta. Sam Straka
Getting started with Conditional Access: 5 must-have Entra ID policies The Red Canary Blog: Information Security Insights 1 month 1 week ago We walk through Conditional Access prerequisites and recommend the top five CA policies you should implement first. Sam Straka
Critical vulnerability in SAP NetWeaver enables malicious file uploads The Red Canary Blog: Information Security Insights 1 month 2 weeks ago Adversaries can exploit CVE-2025-31324 to upload web shells and other unauthorized files to execute on the SAP NetWeaver server The Red Canary Team
Intelligence Insights: April 2025 The Red Canary Blog: Information Security Insights 1 month 3 weeks ago Amber Albatross looms large and Arechclient2 makes its debut in this month's edition of Intelligence Insights The Red Canary Team
Cybersecurity metrics that matter (and how to measure them) The Red Canary Blog: Information Security Insights 1 month 3 weeks ago Which cybersecurity metrics should SOC teams be tracking to measure their success in detecting and responding to threats? Brian Donohue
Red Canary’s favorite cybersecurity podcasts in 2025 The Red Canary Blog: Information Security Insights 2 months ago From conversations on hacking to cybercrime capers, we look at 10 cybersecurity podcasts to learn more about the field. The Red Canary Team
Creating user baseline reports to identify malicious logins The Red Canary Blog: Information Security Insights 2 months 1 week ago Humans are creatures of habit and unusual logins are a great signal for detection, if you can gather and make sense of identity telemetry. Ryan Morton
The RSAC 2025 Conference talks worth catching The Red Canary Blog: Information Security Insights 2 months 2 weeks ago How AI agents can help purple teaming, inside the stolen credential ecosystem, and more: We read through the RSA agenda so you don't have to. Chris Brook
2025 Threat Detection Report: Practitioner playbook The Red Canary Blog: Information Security Insights 2 months 3 weeks ago Inspired by our newly released Threat Detection Report, here are five things defenders can do right now to strengthen their security posture. Tony Lambert
Intelligence Insights: March 2025 The Red Canary Blog: Information Security Insights 2 months 4 weeks ago Worms break ground and fake browser updates march forward in this month's edition of Intelligence Insights The Red Canary Team
What does Google’s $32B acquisition of cloud security startup Wiz mean for security operations? The Red Canary Blog: Information Security Insights 2 months 4 weeks ago Cloud security is a rapidly accelerating challenge for security operations—a trend highlighted in our 2025 Threat Detection Report. Keith McCammon