Defying tunneling: A Wicked approach to detecting malicious network traffic
Follow the yellow brick tunnel for malware analysis of RATs and worms and spyware, oh my! Read our deep dive on network tunneling.
The Red Canary Blog: Information Security Insights
CopyObjection: Fending off ransomware in AWS
2 weeks 1 day ago
Why automated response is a necessity to thwart ransomware attacks in Amazon Web Service cloud environments
Jesse Griggs
The unusual suspects: Effectively identifying threats via unusual behaviors
3 weeks 1 day ago
In the world of identity, cloud, and SaaS, we must move beyond detecting explicitly malicious behaviors to detecting unusual behaviors.
Sam Straka
Intelligence Insights: January 2025
3 weeks 6 days ago
DarkGate returns and the Tangerine Turkey VBS worm peels off of USBs in this month's edition of Intelligence Insights
The Red Canary Team
Tangerine Turkey mines cryptocurrency in global campaign
3 weeks 6 days ago
Named by Red Canary, Tangerine Turkey is a VBscript worm delivered via USB that ultimately drops a cryptomining payload
Stef Rand
What we learned by integrating with Google Cloud Platform
4 weeks 1 day ago
An engineer behind Red Canary’s GCP integration recounts how we remodeled our detection engine to ingest millions of new telemetry logs
Whil Piavis
Incorporating AI agents into SOC workflows
1 month ago
With the right guardrails, AI agents quantifiably improve speed in your security operations center, without compromising accuracy
Jimmy Astle
Shrinking the haystack: The six phases of cloud threat detection
1 month 1 week ago
Red Canary parses through 6 billion telemetry records per day to detect threats in our customers’ cloud environments. Here’s how we do it.
Brian Davis
Shrinking the haystack: Building a cloud threat detection engine
1 month 1 week ago
A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats
Brian Davis
Intelligence Insights: December 2024
1 month 4 weeks ago
Paste and run persists and HijackLoader cuts the line to drop LummaC2 in this month's edition of Intelligence Insights
The Red Canary Team
Red Canary’s best of 2024
2 months ago
As Red Canary wraps up our first decade, take a look back at our best blogs, videos, guides, and webinars of the year.
Susannah Clark Matt
A defender’s guide to identity attacks
2 months ago
Everything defenders need to know about identity attack technqiues and how to protect your users and assets
Laura Brosnan
Single sign-on, double trouble: Credential theft using AWS access tokens
2 months 1 week ago
SSO access tokens can buy adversaries more time as they exfiltrate credentials and other sensitive information from a victim’s AWS CLI
Jesse Griggs
The three keys to threat hunting
2 months 1 week ago
Over the last decade, we’ve built Red Canary’s threat hunting framework to be deliberate, proactive, and iterative
Darrell Bohatec
Red Canary: At the heart of your security operations
2 months 1 week ago
Red Canary's ecosystem of integrations and tech partnerships ensures you have the data, tools, and expertise to keep your organization safe.
Kelly Horsford
The dark cloud around GCP service accounts
2 months 2 weeks ago
Google Cloud Platform security: How our threat research team gets from “huh, that's weird” to robust detection coverage
Dave Bogle
Storm-1811 exploits RMM tools to drop Black Basta ransomware
2 months 2 weeks ago
Storm-1811's latest help desk scam begins with email bombing leading to IT impersonation and ends with Black Basta ransomware
Red Canary Intelligence
Safeguard your identities with Red Canary + CrowdStrike Falcon® Identity Protection
2 months 3 weeks ago
Stay ahead of modern adversaries with real-time identity monitoring, threat detection, and response from Red Canary and CrowdStrike Falcon
Kelly Horsford
Intelligence Insights: November 2024
2 months 4 weeks ago
LummaC2 sets the table and gobbles up sensitive information in this month's edition of Intelligence Insights
The Red Canary Team
Why CISOs under consolidation pressure are embracing Microsoft Security solutions
3 months ago
Microsoft’s unified security workloads, combined with Red Canary’s detection and response expertise, can simplify your security posture.
Cordell BaanHofman
Checked
4 hours 58 minutes ago