Threat Intelligence & Research
Original research, PreBreach intelligence insights, and security best practices from our cybersecurity experts.

How Threat Actors Abuse Microsoft's Login Infrastructure to Increase Phishing Success Rates
Threat actors are increasingly abusing Microsoft's legitimate authentication infrastructure to improve phishing success rates, evade detection, and gain access to corporate accounts. Learn how these attacks work and what defenders should monitor.

Inside “SalatStealer” — Reverse Engineering a YouTube Bitcoin Brute Tool Malware

When Malware Wears a Brand: Zoom Lure → Fake Microsoft Marketplace → Remote Access via Zoho
A new attack chain uses brand impersonation and legitimate tools to bypass detection—turning everyday collaboration into a covert entry point.

GraphQL Phishing: Gmail-Themed Credential Harvesting Behind Cloudflare

Operation Gauloises: How One Operator Bridges the DarkWeb to the Levant via Whish Money
Technical Analysis of DarkWeb Liquidity Off-Ramping via Levantine Fintech

Device Authentication Phishing: Account Takeover via Microsoft Device Code Flow
How attackers exploit Microsoft device code flow to bypass MFA and gain persistent account access

Autumn Dragon: China-nexus APT Group Targets South East Asia

A China-nexus threat actor has been observed using a chain of DLL sideloading attacks to compromise government and media organizations across Singapore, Laos, Cambodia, Indonesia and the Philippines.