ZeroFox Blog posts | RSS Feed

Seeing Risk Isn’t Stopping Risk: What to Consider When Choosing an ASM Solution

Maddie Bullock — Wed, 08 Apr 2026 10:48:54 GMT

Your security team just got another report. Hundreds of exposed assets with dozens of flagged vulnerabilities. A dashboard full of findings, color-coded by severity, timestamped, and ready for review. None of them have been fixed yet. This is the reality for most SOC teams operating with an attack surface management tool today. Somewhere between “we […]

How to Quantify the Business Value of ZeroFox Threat Intelligence (And Why Forrester Did It For You)

Maddie Bullock — Wed, 01 Apr 2026 12:27:09 GMT

Let’s get the uncomfortable truth out of the way first: proving the value of threat intelligence is hard. Not because the value isn’t real, but because the best outcomes in security are the things that didn’t happen. There’s value in the avoided incidents. Takedowns that stopped a phishing campaign before it touched a single customer. […]

What the New NIST Secure DNS Deployment Guidance Means to Enterprises, According to a ZeroFox Expert

Carlos Alvarez — Thu, 26 Mar 2026 09:30:35 GMT

NIST’s updated guidance on secure DNS deployment has direct implications for how organizations protect their external digital presence. This is what you need to act on. The Domain Name System has long been treated as plumbing, like invisible infrastructure that just works. That perception is increasingly dangerous. In March 2026, the National Institute of Standards […]

Integrating Attack Surface Intelligence with Threat Intelligence: Moving from Visibility to Action

ZeroFox Team — Wed, 25 Mar 2026 11:14:57 GMT

The digital transformation has generated tremendous value for businesses, but it has also brought unprecedented exposure extending the external attack surface. Every organization now operates across a sprawling network of cloud services, web applications, social media accounts, third-party integrations, and interconnected systems. Shadow IT further compounds this sprawl as departments deploy services without centralized oversight. […]

Stop Threats, Don’t Just Study Them: How AI Is Transforming Attack Surface Intelligence

ZeroFox Team — Wed, 18 Mar 2026 11:08:08 GMT

Modern organizations succeed by expanding their offerings, updating their technologies, and meeting customers where they are. But the internet is a shared, high-risk environment, and the more you grow, the harder it is to balance your business needs with security. Meanwhile, traditional approaches to managing digital risk can no longer keep pace with an attack […]

Brand Monitoring and Enforcement: Why AI Alone Isn’t Enough

Maddie Bullock — Mon, 16 Mar 2026 13:23:33 GMT

AI-powered brand protection is having a moment. Across the market, new platforms promise fully autonomous detection, real-time campaign clustering, and automated takedowns across domains, social media, messaging apps, and more. The pitch is compelling: faster alerts, less manual work, and AI-native defense built for modern deception. But brand monitoring and enforcement are not the same […]

How Retail Companies Can Prevent Cyber Attacks with EASM

ZeroFox Team — Wed, 11 Mar 2026 09:47:52 GMT

In 2025, the Scattered Spider group shocked the retail sector with a barrage of ransomware attacks against well‑known UK companies, including Marks & Spencer (M&S) and Co‑op. The scale of these incidents—and the fact that three of the four people arrested in connection with the attacks were teenagers—highlighted the vulnerability of modern retail and its […]

Attack Surface Intelligence for Financial Services: Essential Guide for 2026

ZeroFox Team — Wed, 04 Mar 2026 13:02:46 GMT

Financial institutions have always been high-value targets. What’s changed is how many ways an attacker can reach them. Today’s financial ecosystem runs on cloud services, APIs, digital banking platforms, and third-party integrations that make transactions faster and customer experiences smoother. They also expand the number of internet-facing assets that can be scanned, tested, and exploited. […]

Why the Family is the New Attack Surface

Kelly Kuebelbeck — Wed, 11 Feb 2026 14:28:13 GMT

Executives do not live inside your network diagrams. They live in smart homes full of connected devices, with spouses and partners who share online by default and children whose digital lives spill across social platforms. That blended ecosystem has effectively become the perimeter of executive risk. The Invisible Target The Old Security Model No Longer […]

The Top Cyber Threats Facing the Milan 2026 Winter Olympics

Maddie Bullock — Wed, 04 Feb 2026 12:36:00 GMT

The Olympic Games are one of the few global moments where nearly everyone is watching the same thing at the same time. Athletes, fans, sponsors, broadcasters, volunteers, and organizers all converge on a single digital ecosystem. While everyone is focused on the events, the many websites, apps, ticketing platforms, social channels, and travel services are […]

Inside the Underground Economy of Social Engineering

Maddie Bullock — Mon, 02 Feb 2026 12:22:46 GMT

The phishing site was live for less than six hours. You’ve equipped your team with excellent threat intelligence and takedown services. Or so you thought. By the time the takedown request reached the appropriate provider, the infrastructure had already shifted. A new domain appeared with the same login page, your branding, and the same lure. […]

Ransomware Didn’t Slow Down in Q4. Here’s What That Means for 2026.

Maddie Bullock — Wed, 28 Jan 2026 09:00:00 GMT

A Record Quarter, Not an Outlier Your team is ready. They understand ransomware, the risks, and the stakes. But what does still catch teams off guard is how consistently the activity keeps climbing, even when experts expect it to slow down. In Q4 2025, ZeroFox Intelligence observed at least 2,091 ransomware and digital extortion incidents […]

2026 Geopolitical Risk Forecast: Signals Security Leaders Can’t Ignore

Maddie Bullock — Wed, 21 Jan 2026 12:17:15 GMT

The World Is Loud. These Are the Signals That Matter. The world has never been short on geopolitical headlines. But lately it can feel like we’re drowning in them. That overload leads to fatigue, both personally and for organizations, as the speed, scale, and proximity of risk continues to grow. At some point, even important […]

The Long Con Explained: How Romance Scams and AI-Enabled Social Engineering Steal Millions

Maddie Bullock — Wed, 07 Jan 2026 09:00:00 GMT

How emotional manipulation became the most profitable scam on the internet and why AI is accelerating the crime wave Long-con romance scams work by building emotional trust over weeks or months, then using AI-generated messages, personas, and deepfake media to steal money or sensitive information. Let’s see how it works in practice. Late one evening, […]

Cyber-Physical Risk: The New Frontier of Executive Liability

Kelly Kuebelbeck — Tue, 06 Jan 2026 13:52:47 GMT

Your home address is online. Your family’s routines can be inferred from public data. A convincing deepfake of you saying something inflammatory can spread globally in minutes. Traditional security teams might see these as three separate problems: one for data privacy, one for brand protection, and one for executive protection. But modern threat intelligence reveals […]

Is Bluesky Safe? A Complete Guide to Bluesky Security

ZeroFox Team — Mon, 29 Dec 2025 09:00:00 GMT

Bluesky has rapidly become home to communities of activists, journalists, and tech-savvy users. It’s particularly attractive to anyone seeking alternatives to mainstream social spaces where they can come together, share information, and collaborate on campaigns. While not yet as high-profile as X/Twitter, TikTok, or Facebook, the platform has doubled in size over the last year […]