How does a nation-state actor turn an everyday admin tool into a backdoor?
Weaponizing the Update Button: How Nation-State Actors Hijacked Notepad++ and What XDR Saw
Compromise the tool, and you’ve compromised the most privileged hands in the building. Tune in to see how the nation-state threat group, Blossom Taurus (aka Lotus Blossom) hijacked the trust between a developer and their users to create a backdoor infection vector. Attackers have realized that if they can compromise the update, they don’t have to spend weeks trying to find a hole in your perimeter. They just wait for you to invite them in by simply using the update button.
How can my organization defend and protect against a Linux threat?
Unmasking CL-UNK-1068: Defending the Linux Backbone with Behavioral Analytics
Think your Linux servers are safe? Think again. In this episode of Threat Vector Investigates, security experts break down CL-UNK-1068, a sophisticated threat actor that evaded detection for five years by targeting the Linux operating system. Discover why traditional anti-virus misses these stealthy attacks and how modern behavioral analytics stop credential theft at the kernel level before your data leaves the building.
Read the blog
Why are frontier AI models a threat to my organization’s security?
Frontier AI vs. SOC: Mastering Autonomous Defense
As frontier AI models demonstrate the ability to compress years of vulnerability research into hours, the window for traditional defense is closing. This briefing explores how frontier models can uncover decades-old zero-day vulnerabilities and automate
complex exploit chaining across core infrastructure. Learn why SOCs must pivot to autonomous SecOps and real-time response to survive an era where advanced nation-state capabilities are becoming commonplace.
Read the blog
What are the latest tactics, techniques and procedures that cybercrime groups are using that I should be aware of?
Unmasking Boggy Serpens: The AI-Powered Evolution of Cyber Espionage
Get the inside scoop on how Boggy Serpens is using GenAI and Rust-based malware to hijack "trusted" accounts and bypass traditional security. You'll learn how to close the gaps in your defense by connecting the dots between email, endpoint and network data to
stop these high-speed, identity-driven attacks.
Read the blogCan I catch an exploit before it’s known to the public?
Intercepting the ToolShell Zero-Day Before the Headlines
Go behind the scenes of a pre-disclosure discovery to see how threat hunters identified a critical Remote Code Execution chain targeting Sharepoint servers 24 hours before the CVE was released.
How do I detect a silent persistent threat with no malicious activity?
The Detection Nightmare: Years Pass Without a Move
Explore the economy of "access brokers" who maintain dormant network footholds for years, and learn why detecting these silent threats requires analyzing statistical anomalies and process deviations rather than waiting for malicious execution.
Can I stop a software supply chain attack hidden in a business tool?
The 3CX Supply Chain Attack: When Trusted Software Turns Malicious
Go inside the Lazarus Group’s attack methodology to understand how they weaponized a legitimate application, and why analyzing software behavior—not just digital signatures—is the only way to stop supply chain attacks before they are disclosed.