Distributed Reconnaissance: Defending the Enterprise Edge Against the JDY Botnet 

Distributed Reconnaissance: Defending the Enterprise Edge Against the JDY Botnet  TL;TR  The JDY botnet represents a massive escalation in state sponsored cyber threats. This network of over 1500 compromised small office and home office (SOHO) routers executes highly coordinated Distributed Reconnaissance. Instead of launching brute force attacks, it silently maps the global attack surface to identify vulnerable enterprise edge devices.

Preempting SolarWinds Serv-U Crashes: An Engineering Approach to Path Traversal Risks

Preempting SolarWinds Serv-U Crashes: An Engineering Approach to Path Traversal Risks TL;DR A critical unauthenticated path traversal vulnerability in SolarWinds Serv-U (CVE-2024-28995) is being actively exploited not just to read sensitive system files, but increasingly to crash servers. This poses a significant operational risk that generic, reactive patching cannot solve on its own. Preempting these

Choosing an External Threat Platform: 7 Evaluation Criteria for Security Leaders 

Choosing an External Threat Platform: 7 Evaluation Criteria for Security Leaders TL;DR  Most organizations invest heavily in internal security controls while external threats continue to grow across phishing infrastructure, fake applications, exposed assets, impersonation campaigns, and unmanaged digital exposure. Choosing the right External Threat Platform is no longer just a tooling decision. It is a strategic

The Evolution of Attack Surfaces: 2020 vs 2026

The Evolution of Attack Surfaces: 2020 vs 2026 TL;DR  The enterprise attack surface has not just expanded; it has fundamentally transformed. In 2020, security was built around a defined perimeter with controlled infrastructure. In 2026, that perimeter no longer exists. Cloud sprawl, SaaS adoption, APIs, remote work, and AI agents have created a distributed and constantly changing