July 27, 2022 - The Microsoft 365 Defender Research Team has warned that attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers.

May 10, 2022 - A deep dive into a sophisticated attack that used the Saitama backdoor.

December 9, 2021 - There are threat actors active that plant backdoors on websites so their malicious code does not get wiped with the next update.

June 1, 2021 - Kimsuky, the North Korean threat actor active since 2012, is still targeting the South Korean government. We take a look at the phishing infrastructure and command and control mechanisms of this APT.

April 30, 2021 - Signal told investigators it could not comply with a legal request for user records and communications because the records do not exist.