All Research

Exploring OAuth phishing and token-based abuse in Microsoft Entra ID through emulation and analysis of tokens, device behavior, and sign-in activity.

A high-fidelity emulation of the DPRK's largest cryptocurrency heist via a compromised macOS developer and AWS pivots.

Developed detection capabilities by investigating publicly known SNS abuse attempts for data exfiltration and phishing operations.

Explores how threat actors leverage Amazon S3's Server-Side Encryption with Customer-Provided Keys for ransom and extortion operations.

Investigating the implications of AWS STS AssumeRole and its potential for abuse in cloud environments.

Dive into threat detection strategies for the CUPS vulnerability.

Explore the newly released Detection Engineering Behavior Maturity Model (DEBMM) and its implications for security teams.

Investigating the rise of globally distributed stealers and their impact on organizations.

Unveiling the operations of GHOSTENGINE, a sophisticated crypto mining malware.

Exploring the capabilities of Elastic Security in monitoring and responding to threats targeting Okta.

A comprehensive guide to understanding Okta's features, capabilities, and security implications.

Exploring the capabilities of Google Cloud for enhancing cyber data analytics.

An intermediate guide to understanding the illicit cryptocurrency mining threat.