Audit Active Directory Attack Paths with Bloodhound
In our experience working with SMB and enterprise IT teams, it is often unknown just how far and...
Another LastPass Breach and What You Should Know
As you have no doubt heard, LastPass has suffered yet another breach which makes at least 3...
Remote Access Done Right
Do you have resources on prem? In the cloud? How about in multiple clouds? How do you access them...
Recon's Guide to Testing for the Log4J Vulnerability using Canarytokens
This guide will walk you through using CanaryTokens.org to generate a token and how to use that...
Recon's SOAR Playbook To Detect Log4J Exploitation
The recent Log4j vulnerability (CVE-2021-44228) is unprecedented in its global scope and impact....
Scaling Enterprise Forensic Timelining
In July, Eric & Whitney gave a talk titled "Breaches Be Crazy" at the SANS DFIR Summit outlining...
OPENSOC @ DEF CON 29
It’s that time of year again - DEF CON! We were thrilled to run OpenSOC again at DEF CON this year,...
An Encounter with Ransomeware-as-a-Service: MEGAsync Analysis
Recon's SOC recently responded to an attempted ransomware and extortion attack. It had all the...
An Encounter With TA551/Shathak
The Recon incident response team recently responded to a case of business email compromise. The...
Threat Hunting - A Critical Component of High Performing SOCs
Whether your cybersecurity detection and response capabilities are in-house or managed through a...