Breach

Investigative analysis of the Snowflake 2024 breach campaign involving credential theft and data exfiltration affecting multiple organizations using the cloud data platform.

Analysis of the 2023 Okta support system breach in which attackers accessed internal customer support records and authentication-related data from Okta's case management platform.

Investigative analysis of the MGM Resorts cyberattack in 2023 where social engineering led to widespread system outages across casinos, hotels, and digital services.

Investigative analysis of the Caesars Entertainment breach in 2023 where attackers accessed loyalty program data following a social engineering intrusion.

Technical analysis of the MOVEit Transfer breach in which attackers exploited CVE-2023-34362 to steal sensitive data from hundreds of organizations worldwide.

Technical analysis of the 2022 Uber breach in which an attacker gained access to internal systems after compromising employee credentials through social engineering techniques.

Technical analysis of the 2022 LastPass security incident involving unauthorized access to internal development environments and encrypted customer vault backups.

Technical analysis of attacks exploiting CVE-2022-26134, a critical remote code execution vulnerability in Atlassian Confluence that allowed attackers to compromise internet-facing collaboration servers.

Investigative analysis of the T-Mobile 2021 data breach exposing personal information of more than 76 million individuals following unauthorized access to telecom databases.

Technical analysis of the Colonial Pipeline ransomware attack in which the DarkSide group compromised corporate systems and forced a shutdown of the largest fuel pipeline in the United States.

Investigative analysis of the LinkedIn 2021 data breach where information from roughly 700 million user profiles was collected and circulated online through large-scale data scraping operations.

Technical analysis of the SolarWinds supply chain breach in which attackers compromised the Orion software update process and deployed the SUNBURST backdoor to thousands of organizations worldwide.

Investigative analysis of the Facebook 2021 data leak involving 533 million user records exposed through large-scale data scraping and distributed online.

Technical analysis of the 2019 Capital One data breach involving exploitation of a server-side request forgery vulnerability and misconfigured cloud infrastructure that exposed sensitive financial data.

Technical analysis of the 2017 Equifax breach in which attackers exploited CVE-2017-5638 in Apache Struts to access sensitive personal information of millions of individuals.

Investigative analysis of the Experian 2015 breach that exposed personal and credit application data belonging to approximately 15 million individuals.

Investigative analysis of the Anthem healthcare data breach that exposed personal information belonging to roughly 78 million individuals.

Investigative analysis of the Marriott Starwood data breach affecting roughly 500 million guests, examining how attackers maintained long-term access and exposed extensive personal travel records.

Technical analysis of the 2013 Target data breach in which attackers infiltrated the retailer's network through a third-party vendor and deployed point-of-sale malware to steal millions of payment card records.

Investigative analysis of the Adobe 2013 breach exposing over 153 million user accounts, including encrypted passwords and internal source code.

Investigative analysis of the Yahoo 2013 breach, the largest known account compromise in internet history, examining how attackers obtained data belonging to roughly three billion users.