ZeroFox Blog posts | RSS Feed

How a Leading Airline Shut Down Social Impersonators and Phishing Comments in Under a Week

ZeroFox Team — Wed, 20 May 2026 11:16:38 GMT

A customer drops a frustrated comment under a post: “Can someone help me with my booking?” Within minutes, a “support” account replies with a friendly tone, a sense of urgency, and a link that definitely doesn’t belong there. It looks and sounds like customer service, but it’s not. In reality, it’s a scammer acting at […]

When Data Means Conversations and Code: How AI-Powered Adversaries Are Rewriting the Rules of Targeted Attacks

Neil Correa — Wed, 13 May 2026 10:10:04 GMT

For years, the security industry drew a fairly clear line around what “sensitive data” meant. Personal information, financial records, health data: the structured, regulated categories that compliance frameworks were built to protect. Encrypt it, tokenize it, and restrict access to it. The threat model was straightforward: if you protect the database, you protect the business. […]

When Phishing Takedowns Are Not Enough: ZeroFox vs. Netcraft for Enterprise Brand Protection

ZeroFox Team — Mon, 11 May 2026 08:56:33 GMT

Netcraft has been in the internet security game since 1995, and they’ve earned a credible reputation for fast phishing detection and domain phishing takedowns. If your primary concern is malicious domains, they bring speed, automation, and deep relationships with internet infrastructure providers. But modern brand abuse doesn’t stop at phishing sites. Threat actors now impersonate […]

How Malware Sandboxing Closes the Confidence Gap in External Threat Intelligence

Josh Mayfield — Thu, 07 May 2026 10:44:04 GMT

I’ve spent enough time in investigation queues to know what a bad workflow feels like. You get an alert. Something looks wrong. You already know it’s probably malicious, but “probably” doesn’t close a ticket or justify a takedown. You need confirmation. So you leave the platform, find the right tool, upload the file, wait, get […]

What We Feel Makes a Leader in the Gartner® Magic Quadrantᵀᴹ for Cyberthreat Intelligence Technologies

ZeroFox Team — Tue, 05 May 2026 09:21:38 GMT

The cyber threat intelligence market is evolving from pieced together systems to unified platforms. What used to be a landscape of necessary but siloed tools, one for digital risk protection, another for threat feeds, another for takedowns, is converging into a single discipline where discovery, validation, and disruption all need to work together. We think […]

PSI Regional Forecasts: Because Your Security Team Shouldn’t Be the Last to Know

Esmeralda Sayagues — Tue, 21 Apr 2026 09:50:54 GMT

ZeroFox PSI Regional Forecasts give security teams a monthly forward look at the threats most likely to affect their operations. Delivered directly in the ZeroFox platform, before incidents happen. The Problem With Reactive Security Most physical security programs run in the same loop: an incident happens, the team mobilizes, and an after-action report gets filed. […]

The Claude Mythos Problem: AI Vulnerability Scanning Has Trust Issues

Nico Flores — Mon, 20 Apr 2026 11:27:45 GMT

When frontier AI scanning capability lands inside organizations with competitive incentives and Anthropic’s oversight telemetry remains unspecified, the threat model gets a lot wider than jailbreakers and dark web exploit sellers. Anthropic’s announcement of Claude Mythos Preview landed the way most frontier AI milestones do: as a security story dressed in a safety narrative. The […]

Seeing Risk Isn’t Stopping Risk: What to Consider When Choosing an ASM Solution

Maddie Bullock — Wed, 08 Apr 2026 10:48:54 GMT

Your security team just got another report. Hundreds of exposed assets with dozens of flagged vulnerabilities. A dashboard full of findings, color-coded by severity, timestamped, and ready for review. None of them have been fixed yet. This is the reality for most SOC teams operating with an attack surface management tool today. Somewhere between “we […]

How to Quantify the Business Value of ZeroFox Threat Intelligence (And Why Forrester Did It For You)

Maddie Bullock — Wed, 01 Apr 2026 12:27:09 GMT

Let’s get the uncomfortable truth out of the way first: proving the value of threat intelligence is hard. Not because the value isn’t real, but because the best outcomes in security are the things that didn’t happen. There’s value in the avoided incidents. Takedowns that stopped a phishing campaign before it touched a single customer. […]

What the New NIST Secure DNS Deployment Guidance Means to Enterprises, According to a ZeroFox Expert

Carlos Alvarez — Thu, 26 Mar 2026 09:30:35 GMT

NIST’s updated guidance on secure DNS deployment has direct implications for how organizations protect their external digital presence. This is what you need to act on. The Domain Name System has long been treated as plumbing, like invisible infrastructure that just works. That perception is increasingly dangerous. In March 2026, the National Institute of Standards […]

Integrating Attack Surface Intelligence with Threat Intelligence: Moving from Visibility to Action

ZeroFox Team — Wed, 25 Mar 2026 11:14:57 GMT

The digital transformation has generated tremendous value for businesses, but it has also brought unprecedented exposure extending the external attack surface. Every organization now operates across a sprawling network of cloud services, web applications, social media accounts, third-party integrations, and interconnected systems. Shadow IT further compounds this sprawl as departments deploy services without centralized oversight. […]

Stop Threats, Don’t Just Study Them: How AI Is Transforming Attack Surface Intelligence

ZeroFox Team — Wed, 18 Mar 2026 11:08:08 GMT

Modern organizations succeed by expanding their offerings, updating their technologies, and meeting customers where they are. But the internet is a shared, high-risk environment, and the more you grow, the harder it is to balance your business needs with security. Meanwhile, traditional approaches to managing digital risk can no longer keep pace with an attack […]

Brand Monitoring and Enforcement: Why AI Alone Isn’t Enough

Maddie Bullock — Mon, 16 Mar 2026 13:23:33 GMT

AI-powered brand protection is having a moment. Across the market, new platforms promise fully autonomous detection, real-time campaign clustering, and automated takedowns across domains, social media, messaging apps, and more. The pitch is compelling: faster alerts, less manual work, and AI-native defense built for modern deception. But brand monitoring and enforcement are not the same […]

How Retail Companies Can Prevent Cyber Attacks with EASM

ZeroFox Team — Wed, 11 Mar 2026 09:47:52 GMT

In 2025, the Scattered Spider group shocked the retail sector with a barrage of ransomware attacks against well‑known UK companies, including Marks & Spencer (M&S) and Co‑op. The scale of these incidents—and the fact that three of the four people arrested in connection with the attacks were teenagers—highlighted the vulnerability of modern retail and its […]

Attack Surface Intelligence for Financial Services: Essential Guide for 2026

ZeroFox Team — Wed, 04 Mar 2026 13:02:46 GMT

Financial institutions have always been high-value targets. What’s changed is how many ways an attacker can reach them. Today’s financial ecosystem runs on cloud services, APIs, digital banking platforms, and third-party integrations that make transactions faster and customer experiences smoother. They also expand the number of internet-facing assets that can be scanned, tested, and exploited. […]

Why the Family is the New Attack Surface

Kelly Kuebelbeck — Wed, 11 Feb 2026 14:28:13 GMT

Executives do not live inside your network diagrams. They live in smart homes full of connected devices, with spouses and partners who share online by default and children whose digital lives spill across social platforms. That blended ecosystem has effectively become the perimeter of executive risk. The Invisible Target The Old Security Model No Longer […]