Red Canary: At the heart of your security operations The Red Canary Blog: Information Security Insights 11 months 1 week ago Red Canary's ecosystem of integrations and tech partnerships ensures you have the data, tools, and expertise to keep your organization safe. Kelly Horsford
The dark cloud around GCP service accounts The Red Canary Blog: Information Security Insights 11 months 2 weeks ago Google Cloud Platform security: How our threat research team gets from “huh, that's weird” to robust detection coverage Dave Bogle
Storm-1811 exploits RMM tools to drop Black Basta ransomware The Red Canary Blog: Information Security Insights 11 months 2 weeks ago Storm-1811's latest help desk scam begins with email bombing leading to IT impersonation and ends with Black Basta ransomware Red Canary Intelligence
Safeguard your identities with Red Canary + CrowdStrike Falcon® Identity Protection The Red Canary Blog: Information Security Insights 11 months 3 weeks ago Stay ahead of modern adversaries with real-time identity monitoring, threat detection, and response from Red Canary and CrowdStrike Falcon Kelly Horsford
Intelligence Insights: November 2024 The Red Canary Blog: Information Security Insights 1 year ago LummaC2 sets the table and gobbles up sensitive information in this month's edition of Intelligence Insights The Red Canary Team
Why CISOs under consolidation pressure are embracing Microsoft Security solutions The Red Canary Blog: Information Security Insights 1 year ago Microsoft’s unified security workloads, combined with Red Canary’s detection and response expertise, can simplify your security posture. Cordell BaanHofman
Stealers evolve to bypass Google Chrome’s new app-bound encryption The Red Canary Blog: Information Security Insights 1 year ago In spite of Chrome’s new encryption feature, infostealers like Stealc, Vidar, and LummaC2 are still getting their hands in the cookie jar. Keith McCammon
Explore the new Atomic Red Team website The Red Canary Blog: Information Security Insights 1 year ago The redesigned Atomic Red Team website features a new browser interface, improved search capabilities, and easier test execution Phil Hagen
From the dreamhouse to the SOC: Ken’s guide to security The Red Canary Blog: Information Security Insights 1 year ago Unboxing some of the year’s most prevalent threats with detection and prevention guidance from Barbie’s boyfriend Laura Brosnan
Artificial authentication: Understanding and observing Azure OpenAI abuse The Red Canary Blog: Information Security Insights 1 year ago Adversaries can compromise key material in Azure OpenAI to host malicious models, poison trained models, and steal intellectual property. Matt Graeber
Intelligence Insights: October 2024 The Red Canary Blog: Information Security Insights 1 year ago LummaC2 lurks thanks to PowerShell pasting in this month's edition of Intelligence Insights The Red Canary Team
Apple picking: Bobbing for Atomic Stealer & other macOS malware The Red Canary Blog: Information Security Insights 1 year 1 month ago Your company’s Apple devices are ripe for attacks using macOS malware such as Atomic Stealer. Here’s what to look out for. Laura Brosnan
Infosec horoscopes: Astrology for SOC teams The Red Canary Blog: Information Security Insights 1 year 1 month ago Zodiac-inspired predictions, advice, and resources for security operations center (SOC) teams and other infosec professionals Susannah Clark Matt
Intelligence Insights: September 2024 The Red Canary Blog: Information Security Insights 1 year 1 month ago We share virtual private network hardening guidance to cut through FOG ransomware in this month's edition of Intelligence Insights The Red Canary Team
Keep track of AWS user activity with SourceIdentity attribute The Red Canary Blog: Information Security Insights 1 year 1 month ago The SourceIdentity attribute in AWS’s Security Token Service (STS) can help defenders trace AWS role activity back to its source. Jesse Griggs
Trending cyberthreats and techniques from the first half of 2024 The Red Canary Blog: Information Security Insights 1 year 2 months ago We’re revisiting our annual Threat Detection Report with a midyear update highlighting trends from detections in the first half of 2024. Brian Donohue
The CrowdStrike outage: Detection and defense in depth The Red Canary Blog: Information Security Insights 1 year 2 months ago By adopting defense in depth, security operations teams can avoid any single point of failure in the tangles of the global supply chain Keith McCammon
Detecting brute-force attacks with a smart watchlist The Red Canary Blog: Information Security Insights 1 year 2 months ago Tre Wilkins
Reel in troves of data with webhooks The Red Canary Blog: Information Security Insights 1 year 2 months ago Red Canary uses AWS API Gateway webhooks to process floods of security telemetry every day. Here's how we do it. James Prior
Recent dllFake activity shares code with SecondEye The Red Canary Blog: Information Security Insights 1 year 2 months ago Red Canary Intel discovered overlaps in code between dllFake and previous campaigns leveraging Iranian user monitoring software SecondEye. Red Canary Intelligence