The Value of Microsoft Security Copilot: SCU Billing and Why Agent Design Matters

March 27, 2026, 11:00

Most organizations start by using Microsoft Copilot the way it looks in demos: type a question, get an answer. That works for exploration. For repeatable operational work, it gets expensive quickly.

How LevelBlue OTX and Cybereason XDR Detected a North Korea-Linked Remote IT Worker

March 17, 2026, 11:00

Talk about dodging the insider threat from hell. From August 15 to 25, 2025, the SpiderLabs threat intel team, through the integration of LevelBlue OTX threat intelligence with Cybereason XDR behavioral analytics, detected a North Korea attempt to infiltrate an organization by replying to a help wanted ad.

Pwning Malware with Ninjas and Unicorns

Cade Wriglesworth, SpiderLabs Blog

February 16, 2026, 11:00

During a DFIR engagement, LevelBlue was asked to assist with reverse engineering a Linux malware sample detected in a client’s environment. After reverse-engineering most of the malware sample, I wanted to create tooling to easily decrypt its command-and-control (C2) traffic. This post covers part of the methodology used for reversing the related routines as well as the tool created to decrypt the C2 traffic.

Preparing for the AI Job Market: A Security Professional's Roadmap

January 14, 2026, 12:00

Every now and then, LevelBlue SpiderLabs diverts a bit from its normal course of discussing vulnerabilities, ransomware attacks, and malware, and generates a public service blog to help those in the cybersecurity industry improve their skillset or better understand how the world is changing.

How Researchers Collect Indicators of Compromise

August 14, 2025, 16:46

As security researchers, we actively monitor the latest CVEs and their publicly available exploits to create signatures. Beyond CVEs, we also hunt for malware on platforms such as MalwareBazaar, which enhances our visibility into attacks occurring across networks.

Data in the Dark: The Public Sector on the Dark Web

October 15, 2025, 09:45

The dark web serves as a refuge for threat actors to gather intel, trade illicit goods and tools, and network with other cybercriminals. Aside from allowing threat actors to connect and learn from other individuals who share the same interests, the dark web facilitates the procurement and peddling of stolen data to make cyberattacks even more effective and nefarious.
