💣 In The Register : "While AWS has long been in the crosshairs of many cloud-focused actors, the expansion to Azure and GCP credentials indicates there are other major contenders holding valuable data," wrote SentinelLabs's Alex Delamotte in a report with Permiso Security,

Beware of LUCR-3! 🚨 Threat actor that overlaps with Scattered Spider, Oktapus, UNC3944, & STORM-0875, they exploit IDPs for initial access & aim to steal IP for extortion. They use victims' tools and evade detection with expertise. Permiso Security permiso.io/blog/lucr-3-sc…

Excellent 🆕blog from Permiso Security on the most disruptive criminal intrusion set we're all working on. Blog details evasive techniques scattered across SaaS & multi-cloud environments.

We're excited to offer complimentary threat briefings on Scattered Spider. We'll share TTPs and other intel we've gathered about this group with the security community in order to help teams better defend against advanced threat actors in the cloud. hero.permiso.io/lucr-3-scatter…

We're excited to announce the launch of CloudGrappler, an open-source tool designed to help security teams detect threat actors like LUCR-3 (Scattered Spider) in their cloud environment. permiso.io/blog/cloudgrap…

We are thrilled to announce our $18.5M Series A funding led by Altimeter Capital in order to accelerate the development of our cloud detection and response (CDR) solution for all clouds that extends coverage into identity threat detection and response. permiso.io/blog/permiso-r…

In case you missed it, we're teaming up with KPMG to host a LUCR-3 (#ScatteredSpider) Threat Briefing. Dennis Labossiere and 1aN0rmus will provide tips on how to detect this group in your environment and provide tips on how to defend against them. hero.permiso.io/lucr-3-scatter…

We're excited to announce the launch of Cloud Console Cartographer, our latest open-source tool that helps security teams easily make sense of the noisy events generated in logs by activity conducted in AWS console! permiso.io/blog/introduci…

Scattered Spider and Russian Hackers are wreaking havoc on US companies, from MGM Resorts to UnitedHealth Group. Permiso Security is at the forefront of protecting businesses against these prolific adversaries!

Two Permiso research articles on the recent issue of CloudSecList! 1️⃣ Ian Ahl's: Deja Vu or New View: Latest Okta Credential Stuffing Campaign 2️⃣ Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure Part 1 cloudseclist.com/issues/issue-2…

Have you checked out #CloudGrappler yet? It's an open-source tool that detects activity related to well-known threat actors in #AWS and #Azure environments. permiso.io/blog/cloudgrap…

🚨 Introducing YetiHunter! 🚨 After assisting clients with #Snowflake investigations, the Permiso Security team created a utility that queries known indicators from recent attacks on Snowflake customers. 🔍 🔗 Tool & blog link in the comments!

We're excited to release YetiHunter - an open source tool that helps teams detect and hunt for suspicious activity in #Snowflake. Built by 1aN0rmus and Bleon Proko !

In their recent blog article on defending against #ScatteredSpider, SANS Institute references threat research from 1aN0rmus and the p0 Labs team. We're honored to be included of CrowdStrike, Mandiant (part of Google Cloud), CISA Cyber, Microsoft, twilio and Cloudflare. sans.org/blog/defending…

Permiso Security is bringing real-time identity security to our customers going beyond our proven threat detection capabilities powered by p0 Labs and launching the Universal Identity Graph to enable the unification of identity posture and identity threat detection in one

P0 Labs continues to share our unique insights from the front lines of responding to identity threats and releasing another open source tool to help the community.

Big thanks to Merav and Amitai Cohen 🎗️🤟 at Wiz for referencing our research on #AndroxGh0st and our open-source tool #CloudGrappler in their recent blog article! wiz.io/blog/mastering…

Today we are excited to announce the release of SkyScalpel, an open-source tool that helps red and blue teamers understand how policies could be obfuscated by threat actors to avoid detection in an environment. Daniel Bohannon and Abian Morina will be taking the stage today to

In our latest blog post, we discuss what security teams can learn from the Rippling lawsuit. We revisit 1aN0rmus's September 2023 blog post on LUCR-3 (#ScatteredSpider) where he was one of the first to demonstrate how threat actors leverage native search capabilities in SaaS

You can't protect what you don't know. We're thrilled to announce the upcoming launch of Permiso Discover, a free identity inventory & visibility for human, non-human and AI. Starting today, you can join the waitlist to gain early access to this powerful platform that helps you