Recon InfoSec | SecOps

Your Ransomware Incident Is Predictable. . .

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

With decades of combined experience in emergency ransomware response, the Recon IR team has...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Macie Thompson

If you use a computer for work, you use email, it’s a standard in every industry today. Email is...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In our experience working with SMB and enterprise IT teams, it is often unknown just how far and...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Do you have resources on prem? In the cloud? How about in multiple clouds? How do you access them...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Luke Rusten

In this blog post we cover a widespread phishing campaign Recon recently observed targeting...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

This guide will walk you through using CanaryTokens.org to generate a token and how to use that...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

The recent Log4j vulnerability (CVE-2021-44228) is unprecedented in its global scope and impact....

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In July, Eric & Whitney gave a talk titled "Breaches Be Crazy" at the SANS DFIR Summit outlining...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Andrew Cook

The Recon incident response team recently responded to a case of business email compromise. The...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

Now that we've normalized and enriched our events, let's get into the actual threat detection logic...