Thoughts and articles by Cyooda
All
- All
- Cybersecurity
- Detection Engineering
- How To Guides
- Ransomware Insights
- Security Insights
The Email That Never Arrived: Inside a Real Business Email Compromise
The picture above is thirty years old, yet its message still hold true today. Our legal and business systems are built on the assumption that we know who we're dealing...
AML Tranche 2 and Cybersecurity: Same Problem, Different Regulator
Australian law firms are spending serious time and money preparing for AML Tranche 2. And they should be. The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 brings legal...
First 24 Hours Post-Breach: Key to Your Firm’s Next Year
Your Firm's First 24 Hours After a Breach Will Define the Next 12 Months In every incident I've worked, from compromised email accounts at mid-tier firms to full-scale ransomware events...
Fractional Security Leadership: The vCISO Model for Law Firms
The security questionnaire from your largest client just landed. It's 200 questions. Your IT provider can answer maybe 40 of them. The rest require someone who understands your firm's risk...
Cybersecurity news from around the world
Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's Threat...
What the Numbers Say About FIFA 2026 Cyber Risk
The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had already been built, staged, and partially deployed....
Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment...
Investigating suspicious AI workflows in Microsoft Entra Agent ID: Autonomous agents
AI agents are rapidly on their way to becoming the dominant actor within the environments we're responsible for securing. Fortunately, vendors are starting to treat this new reality seriously by...
Spring cleaning your browser
There's something so satisfying about a good spring cleaning: the kind where you open the windows, clear the clutter, and finally deal with the things you've been ignoring all winter...
AI-generated hunting leads: The hunt starts before you ask the question
Threat hunting has always been a human art; a practitioner staring at logs, forming a hypothesis, and patiently chasing it down. What if the hardest part of the hunt (knowing...
DFIR: From alert to root cause using Osquery without leaving Elastic Security
Modern DFIR doesn't start with a disk image. That model worked when environments were smaller, endpoints were static, and time wasn't the primary constraint. Endpoints are now ephemeral, fleets scale...
Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever
Secure Your Code Organizations have historically focused on patching and securing tangible assets like laptops, servers, and network infrastructure. In today's threat landscape, that same discipline must be applied to...
The Legal Cyber Brief — monthly cyber intelligence for law firm leaders.