Free threat intelligence reports, security whitepapers, CVE advisories, and detection tools from our research team. No registration required.
Comprehensive analysis of ransomware and cybercriminal activity targeting Latin American organizations in Q1 2026. Includes IOCs, TTPs mapped to MITRE ATT&CK, and sector-specific risk ratings.
Detailed analysis of Russian state-sponsored threat actor activity targeting government, defense, and critical infrastructure in LATAM. Attribution evidence and network IOCs included.
Tracking Mekotio, Grandoreiro, and BEC campaigns targeting Chilean and Colombian banking institutions. Phishing templates, infrastructure, and attribution details.
Every major AD attack technique (Kerberoasting, AS-REP roasting, ADCS ESC1-13, DCSync, Golden/Silver Ticket), with detection rules and hardening guidance for each.
Comprehensive catalog of AWS IAM privilege escalation paths with exploitation code, CloudTrail detection queries, and SCPs to prevent each vector.
How modern C2 frameworks blend into legitimate traffic, and how network defenders can build detection logic that identifies beacons despite heavy obfuscation.
Critical remote code execution vulnerability in Apache Struts 6.x actively exploited. Our team observed exploitation attempts within 6 hours of disclosure. Includes PoC analysis and detection rules.
Authentication bypass in Microsoft Entra ID allows attackers to forge session tokens and bypass MFA enforcement under specific conditional access configurations.
New JNDI injection vulnerability in a widely-deployed Java logging framework. Similar blast radius to Log4Shell. Mass exploitation expected within 24 hours.