Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Episode 18 - Live Fire Defense at Locked Shields

In this episode, host Richard Bejtlich sits down with Corelight Senior Sales Engineers Adam Donadeo and Nico Roosenboom to unpack their firsthand experiences at Locked Shields, the world’s largest international live-fire cyber defense exercise. The conversation dives deep into the chaotic, real-world friction of defending a massive virtualized network alongside 4,000 global experts against aggressive red team waves.

DNS Log File Your Guide to Uncovering Hidden Threats

Your firewall says nothing is wrong. Your EDR has a few low-confidence alerts. Users aren't reporting outages. But something still feels off. That's the exact situation where a DNS log file stops being “just another log” and turns into one of the most useful artifacts in the environment. Attackers lean on DNS because every network depends on it, it is often treated as background noise, and suspicious lookups can blend into legitimate traffic for a long time.

5 Essential Cybersecurity Defenses for Cloud Email Security

Cloud email has become the center of modern business. Regardless of your organization's industry or size, email connects employees, customers, vendors, executives, financial systems and critical business processes. Unfortunately, attackers know this too. For cybercriminals, compromising an email account is often like finding the master key to a building. Once inside, they may be able to steal information, impersonate employees, redirect payments, spread malware or gain access to other systems.

Cybercriminals Are Targeting the FIFA World Cup 2026

Lead Analysts: Jeewan Singh Jalal and Louis Tiley KnowBe4 ThreatLabs tracked phishing campaign activity from the first week of April through June 22, 2026 — covering the pre-tournament build-up, tournament kickoff and the first twelve days of live match play. Our latest intelligence adds crucial mid-tournament telemetry (June 15-22), a newly identified reply-back campaign track and additional infrastructure intelligence.