top of page
ALL POSTS
Identity-Based Attacks: How Adversaries Bypass Security by Walking Through the Front Door
Key Findings Stolen credentials remain the most reliable initial access vector for attackers, despite industry focus on zero-days and sophisticated exploits Identity-based attacks are accelerating due to AI automation of credential testing, custom tooling development, and phishing sophistication Traditional linear incident response models fail against real-world breaches that evolve and expand unpredictably The Dynamic Approach to Incident Response (DAIR) uses iterative loops
Apr 213 min read
Google Uncovers Global Cyber Threat: China, Iran, Russia, and North Korea Coordinated Defense Sector Attacks
Key Findings: Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have targeted the defense industrial base (DIB) sector. The adversarial targeting is centered around four key themes: striking defense entities in the Russia-Ukraine War, approaching employees and exploiting the hiring process, using edge devices/appliances for initial access, and supply chain risk from manufacturing breaches. Notable threat actors
Feb 142 min read
bottom of page
