LevelBlue Blog
Discover expert insights on the latest cybersecurity trends, challenges, and best practices shaping the industry today.
Business Email Compromise (BEC): Tracking a Threat Actor’s Funny Business
June 24, 2024 | Michael Venturella
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
Stories from the SOC – Combating “Security Alert” Scams
May 01, 2024 | Jesse Rodriguez
Executive Summary The “Security Alert” scam is a prevalent tech-support fraud ...
Stories from the SOC: BlackCat on the prowl
January 11, 2024 | James Rodriguez
This blog was co-authored with Josue Gomez and Ofer Caspi.
Stories from the SOC: Something smells phishy
January 09, 2024 | Michael Venturella
Executive summary In the current cyber landscape, adversaries commonly employ ...
Stories from the SOC: Proactive steps to protect customers from misconfigured MFA
November 16, 2023 | Julius Charles
Executive summary Multifactor authentication, or MFA, provides users with an ...
Stories from the SOC: Quishing – Combatting embedded malicious QR codes
October 10, 2023 | James Rodriguez
James Rodriguez – Senior Specialist, Cybersecurity
Stories from the SOC - Unveiling the stealthy tactics of Aukill malware
August 16, 2023 | Jacob Marabelli
Executive summary On April 21st, 2023, LevelBlue Managed Extended Detection and ...
Stories from the SOC: Fighting back against credential harvesting with ProofPoint
June 29, 2023 | Emine Akbulut
Executive summary Credential harvesting is a technique that hackers use to gain ...
Stories from the SOC – Phishing for credentials
November 21, 2022 | Franklin Calderon
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC: Feeling so foolish – SocGholish drive by compromise
October 17, 2022 | Ken Ng
Executive summary: SocGholish, also known as FakeUpdate, is a JavaScript ...
Stories from the SOC - C2 over Port 22
September 28, 2022 | Aaron Trofman
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – Credential compromise and the importance of MFA
August 08, 2022 | Evan Carey
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - WannaCry malware
January 31, 2022 | Ian Schlesinger
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC -SolarWinds Sunburst attack with malicious file
August 25, 2021 | Kristen Perreault
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Successful phishing attack
August 16, 2021 | Dustin Swening
Executive summary Every day, billions of emails are sent out, some legitimate, ...
Stories from the SOC - Sodinokibi Ransomware (REvil / BlueCrab)
August 10, 2021 | Ken Ng
Guest contributors to this blog: Brian Kerns and Vedran Tomljanovic.
Stories from the SOC - Office 365 account compromise and credential abuse
June 23, 2021 | Marcus Hogan
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC -SSH brute force authentication attempt tactic
May 18, 2021 | Todd Luft
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – Propagating malware
March 24, 2021 | Dustin Swening
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – DNS recon + exfiltration
March 12, 2021 | Sumner Meckel
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – Beaconing Activity
March 02, 2021 | Sumner Meckel
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – Multi-layered defense detects Windows Trojan
November 16, 2020 | Joe English
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC – Cloud and On-site Protection
September 28, 2020 | Edwardo Rodriguez
This blog was jointly authored by Josue Gomez
Stories from the SOC: Compromised account detected
August 04, 2020 | Edwardo Rodriguez
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - Credential Dumping
July 09, 2020 | Edwardo Rodriguez
Stories from the SOC is a blog series that describes recent real-world security ...
Stories from the SOC - detecting network anomalies with OTX
June 08, 2020 | Jeff LaCroix
This blog was co-written by Leo Garcia, Sr. Specialist - Cybersecurity..
Stories from the SOC- SSH Brute Force Authentication Attempt
June 03, 2020 | Andrew Lukosevic
Ervin McBride IV – TDP Engineer II contributed to this article.
Stories from the SOC - System compromise with lateral movement
May 26, 2020 | Josh Gomez
Executive Summary Stories from the SOC is a blog series that describes recent ...
