Fragmentation Defined 2025's Threat Landscape. Here's What It Means for 2026
The global threat landscape didn't simplify in 2025 — it shattered. The 2026 State of Security report represents Insikt Group's most comprehensive threat int...
General
20 articles
Bypassing Administrator Protection by Abusing UI Access
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exi...
Securing Every Identity in the Age of AI
Securing every identity in the age of AI is foundational. Discover how Palo Alto Networks and CyberArk redefine identity security for the modern enterprise.
From 27 Steps to 5: How Recorded Future Reimagined Threat Hunting with Autonomous Threat Operations
Discover how Autonomous Threat Operations reduces 27 manual steps to as few as 5 largely automated ones, delivering the speed, scale, and effectiveness that ...
Taxing times: Top IRS scams to look out for in 2026
It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy.
OfferUp scammers are out in force: Here’s what you should know
The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams.
A slippery slope: Beware of Winter Olympics scams and other cyberthreats
It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these best practices.
Autonomous Threat Operations in action: Real results from Recorded Future’s own SOC team | Recorded Future
This article explores how Recorded Future served as Customer Zero for Autonomous Threat Operations, testing the new solution within our own SOC to validate i...
This month in security with Tony Anscombe – January 2026 edition
The trends from January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the year
Celebrating our 2025 open-source contributions
Last year, our engineers submitted over 375 pull requests that were merged into non–Trail of Bits repositories, touching more than 90 projects from cryptogra...
DynoWiper update: Technical analysis and attribution
ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector
Building cryptographic agility into Sigstore
Software signatures carry an invisible expiration date. The container image or firmware you sign today might be deployed for 20 years, but the cryptographic ...
No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network
Introduction This week Google and partners took action to disrupt what we believe is one of the largest residential proxy networks in the world, the IPIDEA p...
New Android Theft Protection Feature Updates: Smarter, Stronger
Posted by Nataliya Stanetsky, Fabricio Ferracioli, Elliot Sisteron, Irene Ang of the Android Security Team Phone theft is more than just losing a device; it'...
Drowning in spam or scam emails? Here’s probably why
Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem the tide.
Bypassing Windows Administrator Protection
A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Cont...
Children and chatbots: What parents should know
As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development
Common Apple Pay scams, and how to stay safe
Here’s how the most common scams targeting Apple Pay users work and what you can do to stay one step ahead
Old habits die hard: 2025’s most common passwords were as predictable as ever
Once again, data shows an uncomfortable truth: the habit of choosing eminently hackable passwords is alive and well
Why LinkedIn is a hunting ground for threat actors – and how to protect yourself
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they...