threat hunting

Email bombing, a form of cyberattack where attackers flood a target's inbox with a massive volume of emails, has become an increasingly prevalent threat. This tactic aims to overwhelm users, making it challenging to access legitimate communications and potentially disrupting organizational...

As email-based threats continue to evolve in both scope and sophistication, organizations leveraging Microsoft’s business productivity suite face a relentless challenge: how to protect their workforce—and their most sensitive data—from increasingly novel attack tactics. One such cybercrime...

Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...

Microsoft’s relentless pursuit of proactive security innovation has taken a substantial leap forward with the recent upgrade to Microsoft Defender XDR, which now integrates advanced Copilot-driven technology and the newly introduced TITAN recommendations system. This enhancement signals a...

Microsoft has recently announced the addition of two significant data tables—CampaignInfo and FileMaliciousContentInfo—to its Defender XDR advanced hunting capabilities. This enhancement aims to bolster threat detection and investigation within Microsoft 365 environments, providing security...

The story of Chaos RAT is emblematic of a larger cybersecurity trend: the migration of benign open-source tools into the shadowy corners of the cyber threat landscape. Once celebrated for their technical flexibility and communal development, these tools increasingly become the foundation for...

In the complex arena of cybersecurity, few challenges have hindered swift threat intelligence sharing as much as the long-standing inconsistency in threat actor naming conventions. Security professionals, from incident responders to CISOs, have faced moments of hesitation and confusion when...

In the rapidly evolving landscape of cybersecurity, organizations are increasingly turning to specialized service providers to safeguard their digital assets. Among these, Wizard Cyber has emerged as a notable contender, particularly for enterprises deeply integrated into Microsoft's ecosystem...

The cybersecurity landscape continues to evolve at an unprecedented pace, with malware creators and defenders locked in a relentless contest of innovation. Nowhere is this battle more apparent than in the dynamic interplay between cutting-edge malware packaging tools and the latest operating...

Any investigation into the volatile intricacies of Windows security inevitably draws the analyst’s focus to memory: a digital landscape where fleeting evidence, live threats, and operational secrets coexist in the blink of a process. Within this domain, memory analysis has become an...

In recent months, Commvault, a prominent data management and security firm, has been the target of sophisticated cyberattacks attributed to nation-state actors. These incidents have raised alarms within the cybersecurity community, prompting the U.S. Cybersecurity and Infrastructure Security...

The announcement of cyber threat activity targeting Commvault’s flagship SaaS cloud application, Metallic, marks a pivotal moment for cloud security and Managed Service Providers (MSPs), especially those tasked with safeguarding Microsoft 365 (M365) environments. As the wave of sophisticated...

Over the past year, the threat landscape for Windows users has evolved with increasing sophistication, and few examples illustrate this shift better than the rise of Lumma Stealer—a prolific infostealer that has aggressively targeted individuals and organizations across industries. The...

The rise of LummaC2 malware as a potent threat to organizational cybersecurity has garnered front-page attention among security professionals and system administrators alike, and with good reason: a joint advisory from the Federal Bureau of Investigation (FBI) and the Cybersecurity and...

The recently disclosed CVE-2025-29958 has brought new attention to the perennial issue of information disclosure vulnerabilities within core Windows networking services, specifically the Routing and Remote Access Service (RRAS). As enterprise and cloud environments increasingly rely on Windows...

In the rapidly evolving landscape of cyber-espionage, the convergence of zero-day vulnerabilities, niche third-party communications software, and geopolitically motivated actors presents formidable risks for organizations in sensitive regions. The recent disclosure by Microsoft Threat...

As Microsoft’s AI Incident Detection and Response team traces their way through the rough digital corridors of online forums and anonymous web boards, a new kind of cyber threat marks a stark escalation in the ongoing battle to preserve the integrity and safety of artificial intelligence...

Here is a summary of the recognition Trustwave received at the 2025 SC Awards, specifically for its Managed Security Service: Trustwave: Best Managed Security Service – SC Awards 2025 Awarded For: Managed Extended Detection and Response (MXDR) for Microsoft Target Clients: Organizations using...

Microsoft has unveiled a suite of AI-powered Security Copilot agents, now available in public preview, marking a significant advancement in cybersecurity automation. These agents are designed to streamline high-volume security tasks, enabling security teams to concentrate on more complex...

The cybersecurity landscape is undergoing a profound transformation, driven at its core by the rapid evolution of artificial intelligence (AI) and the dynamic nature of modern data flows. Jonathan Roizin, CEO of Flow Security—now part of CrowdStrike—offers a candid perspective on this shift...