Intelligence Insights: June 2025
Amber Albatross abides and a new color bird threat, Mocha Manakin, manifests in this month's edition of Intelligence Insights
The Red Canary Blog: Information Security Insights
Mocha Manakin delivers custom NodeJS backdoor via paste and run
1 day 9 hours ago
Named by Red Canary, Mocha Manakin uses paste and run with PowerShell to drop a custom NodeJS backdoor that could lead to ransomware
Red Canary Intelligence
A large learning model: Red Canary’s AI journey
1 week 2 days ago
Red Canary was experimenting with generative AI B.C. (before ChatGPT). Our new next-gen AI agents are the capstone of a years-long journey.
Rafael Del Rey
All about that baseline: Detecting anomalies with Surveyor
2 weeks ago
The Surveyor open source tool can help organizations establish a baseline of their environment, verify activity, and investigate anomalies.
Tre Wilkins
Red Canary CFP tracker: June 2025
2 weeks 1 day ago
Red Canary's monthly roundup of upcoming security conferences and calls for papers (CFP) submission deadlines
Shelley Moore
Here’s what you missed on Office Hours: May 2025
3 weeks ago
Red Canary to join Zscaler
3 weeks 2 days ago
Today we are announcing a major milestone in our journey – Zscaler has signed a definitive agreement to acquire Red Canary.
Brian Beyer
Intelligence Insights: May 2025
4 weeks ago
Amber Albatross continues its reign and Latrodectus crawls into the top 10 in this month's edition of Intelligence Insights
The Red Canary Team
Getting started with Conditional Access: Comparing Entra ID Conditional Access with Cisco Duo Security
4 weeks 1 day ago
Everything you need to know about the differences between conditional access policies in Microsoft Entra ID and Cisco Duo.
Sam Straka
Getting started with Conditional Access: Comparing Entra ID Conditional Access with Okta
1 month ago
Everything you need to know about the differences between conditional access policies in Microsoft Entra ID and Okta.
Sam Straka
Getting started with Conditional Access: 5 must-have Entra ID policies
1 month 1 week ago
We walk through Conditional Access prerequisites and recommend the top five CA policies you should implement first.
Sam Straka
Critical vulnerability in SAP NetWeaver enables malicious file uploads
1 month 2 weeks ago
Adversaries can exploit CVE-2025-31324 to upload web shells and other unauthorized files to execute on the SAP NetWeaver server
The Red Canary Team
Intelligence Insights: April 2025
1 month 3 weeks ago
Amber Albatross looms large and Arechclient2 makes its debut in this month's edition of Intelligence Insights
The Red Canary Team
Cybersecurity metrics that matter (and how to measure them)
1 month 3 weeks ago
Which cybersecurity metrics should SOC teams be tracking to measure their success in detecting and responding to threats?
Brian Donohue
Red Canary’s favorite cybersecurity podcasts in 2025
2 months ago
From conversations on hacking to cybercrime capers, we look at 10 cybersecurity podcasts to learn more about the field.
The Red Canary Team
Creating user baseline reports to identify malicious logins
2 months 1 week ago
Humans are creatures of habit and unusual logins are a great signal for detection, if you can gather and make sense of identity telemetry.
Ryan Morton
The RSAC 2025 Conference talks worth catching
2 months 2 weeks ago
How AI agents can help purple teaming, inside the stolen credential ecosystem, and more: We read through the RSA agenda so you don't have to.
Chris Brook
2025 Threat Detection Report: Practitioner playbook
2 months 3 weeks ago
Inspired by our newly released Threat Detection Report, here are five things defenders can do right now to strengthen their security posture.
Tony Lambert
Intelligence Insights: March 2025
2 months 4 weeks ago
Worms break ground and fake browser updates march forward in this month's edition of Intelligence Insights
The Red Canary Team
What does Google’s $32B acquisition of cloud security startup Wiz mean for security operations?
2 months 4 weeks ago
Cloud security is a rapidly accelerating challenge for security operations—a trend highlighted in our 2025 Threat Detection Report.
Keith McCammon
Checked
2 hours 3 minutes ago