The Red Canary Blog: Information Security Insights

In the world of identity, cloud, and SaaS, we must move beyond detecting explicitly malicious behaviors to detecting unusual behaviors.

DarkGate returns and the Tangerine Turkey VBS worm peels off of USBs in this month's edition of Intelligence Insights

Named by Red Canary, Tangerine Turkey is a VBS worm delivered via USB that ultimately drops a cryptomining payload

An engineer behind Red Canary’s GCP integration recounts how we remodeled our detection engine to ingest millions of new telemetry logs

With the right guardrails, AI agents quantifiably improve speed in your security operations center, without compromising accuracy

Red Canary parses through 6 billion telemetry records per day to detect threats in our customers’ cloud environments. Here’s how we do it.

A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats

Paste and run persists and HijackLoader cuts the line to drop LummaC2 in this month's edition of Intelligence Insights

As Red Canary wraps up our first decade, take a look back at our best blogs, videos, guides, and webinars of the year.

Everything defenders need to know about identity attack technqiues and how to protect your users and assets

SSO access tokens can buy adversaries more time as they exfiltrate credentials and other sensitive information from a victim’s AWS CLI

Over the last decade, we’ve built Red Canary’s threat hunting framework to be deliberate, proactive, and iterative

Red Canary's ecosystem of integrations and tech partnerships ensures you have the data, tools, and expertise to keep your organization safe.

Google Cloud Platform security: How our threat research team gets from “huh, that's weird” to robust detection coverage

Storm-1811's latest help desk scam begins with email bombing leading to IT impersonation and ends with Black Basta ransomware 

Stay ahead of modern adversaries with real-time identity monitoring, threat detection, and response from Red Canary and CrowdStrike Falcon

LummaC2 sets the table and gobbles up sensitive information in this month's edition of Intelligence Insights

Microsoft’s unified security workloads, combined with Red Canary’s detection and response expertise, can simplify your security posture.

In spite of Chrome’s new encryption feature, infostealers like Stealc, VIdar, and LummaC2 are still getting their hands in the cookie jar.

The redesigned Atomic Red Team website features a new browser interface, improved search capabilities, and easier test execution