<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0">
    <channel>
        <title><![CDATA[ZeroFox Blog posts | RSS Feed]]></title>
        <description><![CDATA[Digital Risk Protection platform built for enterprises]]></description>
        <link>https://www.zerofox.com</link>
        <generator>RSS for Node</generator>
        <lastBuildDate>Sat, 04 Jul 2026 14:59:48 GMT</lastBuildDate>
        <atom:link href="https://www.zerofox.com/rss.xml" rel="self" type="application/rss+xml"/>
        <pubDate>Sat, 04 Jul 2026 14:59:48 GMT</pubDate>
        <copyright><![CDATA[Copyright 2026 By ZeroFox. All rights reserved]]></copyright>
        <item>
            <title><![CDATA[Is Doxxing Illegal? A State-by-State Breakdown for Security Teams]]></title>
            <description><![CDATA[<p>Is Doxxing Illegal? Yes, doxxing is illegal in many circumstances, but the answer depends on three things: what information was shared, the intent behind sharing it, and what state you&#8217;re in. There is no single federal law that bans doxxing by name. Instead, the United States regulates it through a patchwork of state statutes, federal [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/is-doxxing-illegal</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/is-doxxing-illegal</guid>
            <dc:creator><![CDATA[Maddie Bullock]]></dc:creator>
            <pubDate>Wed, 01 Jul 2026 10:12:34 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/07/iStock-1356706651.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Intelligence That Acts: How the TIP Category Is Catching up to the Way Security Teams Work]]></title>
            <description><![CDATA[<p>For years, the threat intelligence platform (TIP) category rewarded data collection. The more feeds you ingested, the more indicators you normalized, the more dashboards you built, the better you scored. But ask any security team and they’ll tell you, they don’t need piles of data. TIPs in 2026 need to deliver intelligence that changes what [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/how-the-tip-category-is-catching-up</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/how-the-tip-category-is-catching-up</guid>
            <dc:creator><![CDATA[ZeroFox Team]]></dc:creator>
            <pubDate>Mon, 29 Jun 2026 09:45:39 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2025/07/iStock-1478940547.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Disrupting the Phish-Hunters: Inside a Coordinated Impersonation of the Brand Protection Industry]]></title>
            <description><![CDATA[<p>TL;DR ZeroFox&#8217;s Signals Research Program has uncovered a sustained domain impersonation operation aimed squarely at the brand protection and threat intelligence industry. Seventy-three correlated domains, registered between July 2025 and June 2026, impersonate ZeroFox and at least four peer vendors (Corsearch (including its Incopro brand), Red Points, MarkScan, and Group-IB) alongside a long tail of [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/coordinated-impersonation-of-the-brand-protection-industry</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/coordinated-impersonation-of-the-brand-protection-industry</guid>
            <dc:creator><![CDATA[Carlos Alvarez]]></dc:creator>
            <pubDate>Thu, 25 Jun 2026 10:14:15 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-1973304533-1.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[The Patch Will Not Save You: Why IoT Defense Is Becoming an Intelligence Problem]]></title>
            <description><![CDATA[<p>Attackers are not waiting for your vulnerability management program to catch up. They are mining twenty years of forgotten flaws, automating exploitation at machine speed, and walking through segmentation that was never built to hold. The organizations that survive the next wave of IoT-targeted attacks will be the ones watching the adversary, not just the [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/iot-defense-becoming-intelligence-problem</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/iot-defense-becoming-intelligence-problem</guid>
            <dc:creator><![CDATA[Kelly Kuebelbeck]]></dc:creator>
            <pubDate>Wed, 24 Jun 2026 12:53:00 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-1580129316.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Zerofox Joins eco &#8211; Association of the Internet Industry]]></title>
            <description><![CDATA[<p>Disrupting abuse starts with being in the room where relevant standards get made. When ZeroFox identifies a phishing site, a fraudulent social media profile, or an impersonation domain targeting one of our clients, the threat doesn&#8217;t disappear on its own. Someone has to get it removed. That means working directly with the registrars, hosting providers, [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/zerofox-joins-eco</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/zerofox-joins-eco</guid>
            <dc:creator><![CDATA[Carlos Alvarez]]></dc:creator>
            <pubDate>Mon, 22 Jun 2026 12:36:27 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-2184173110-900x675.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[From CVE to Breach in Under an Hour]]></title>
            <description><![CDATA[<p>How AI Is Closing the Window Between Disclosure and Exploitation Software vulnerability exploitation is having a moment. A very long moment that nobody can accurately predict the end of, because AI is accelerating how flaws get found and weaponized, shrinking the window from “publicly known” to “actively exploited” from months to days to hours. Let’s [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/from-cve-to-breach-in-under-an-hour</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/from-cve-to-breach-in-under-an-hour</guid>
            <dc:creator><![CDATA[Peter Lowe]]></dc:creator>
            <pubDate>Wed, 17 Jun 2026 10:55:56 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-999886736.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Malicious Insider Threats: How Trusted Employees Turn Into Attackers]]></title>
            <description><![CDATA[<p>TL;DR on Malicious Insiders What Are Malicious Insider Threats? Intentional, or malicious, insider threats represent a significant attack vector in which likely disgruntled employees compromise organizations by misusing access to sensitive networks and data or abusing advantageous positioning to enact harm against their employer. Unlike accidental insider threats, intentional insider threat actors take deliberate and [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/malicious-insider-threats-how-trusted-employees-turn-into-attackers</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/malicious-insider-threats-how-trusted-employees-turn-into-attackers</guid>
            <dc:creator><![CDATA[Casey Bjorn]]></dc:creator>
            <pubDate>Thu, 11 Jun 2026 10:31:03 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-1033973812.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Malware Sandboxing for SOC Teams: How to Detonate Files and URLs Safely]]></title>
            <description><![CDATA[<p>Most SOC shifts start the same way: a queue full of artifacts that might be malicious and not enough time to investigate every one deeply. A flagged attachment, a URL from a newly registered domain. Each one needs a verdict. Most are clean, but the one that isn&#8217;t could be the beginning of a breach, [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/malware-sandboxing-detonate-files</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/malware-sandboxing-detonate-files</guid>
            <dc:creator><![CDATA[Maddie Bullock]]></dc:creator>
            <pubDate>Wed, 10 Jun 2026 09:03:41 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/05/iStock-2206653076.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Trust But Verif-AI: Because &#8220;Fine&#8221; Is Not an Answer]]></title>
            <description><![CDATA[<p>Every parent knows the answer &#8220;fine&#8221; covers a lot of ground. It can mean things genuinely are fine. It can also mean a failed exam, a friendship falling apart, or a situation the child has already decided you don’t need to know about. The word is technically an answer, but it’s not information. A good [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/trust-but-verif-ai</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/trust-but-verif-ai</guid>
            <dc:creator><![CDATA[Neil Correa]]></dc:creator>
            <pubDate>Mon, 08 Jun 2026 11:31:18 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/06/iStock-2153913550.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Security Threats at the 2026 FIFA World Cup: What Intelligence Reveals Before Kickoff]]></title>
            <description><![CDATA[<p>Tickets for the 2026 FIFA World Cup are being sold on Telegram and credentials tied to fifa.com accounts are circulating on dark web marketplaces. A threat actor is even advertising server access allegedly linked to New York FIFA infrastructure. And the tournament hasn&#8217;t even started yet. The 2026 FIFA World Cup will be the biggest [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/security-threats-at-the-2026-fifa-world-cup-what-intelligence-reveals-before-kickoff</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/security-threats-at-the-2026-fifa-world-cup-what-intelligence-reveals-before-kickoff</guid>
            <dc:creator><![CDATA[Maddie Bullock]]></dc:creator>
            <pubDate>Fri, 05 Jun 2026 11:19:16 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2025/06/iStock-978321712.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Malware Attacks: More Than Just Ransomware]]></title>
            <description><![CDATA[<p>Ransomware is all the buzz, but it isn&#8217;t the only malware attack. Take a closer look at malware to better understand the risks and how they work together.</p>
]]></description>
            <link>https://www.zerofox.com/blog/malware-attacks-more-than-just-ransomware</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/malware-attacks-more-than-just-ransomware</guid>
            <dc:creator><![CDATA[ZeroFox Team]]></dc:creator>
            <pubDate>Wed, 03 Jun 2026 10:08:05 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/05/iStock-1298325705.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[Detonate Malware Safely: When to Sandbox, Block, or Escalate]]></title>
            <description><![CDATA[<p>Every suspicious artifact that hits a SOC analyst&#8217;s queue forces the same decision: do I need to understand this before I act, or do I already know enough to act now? Get it wrong in one direction and you waste time analyzing something you should have blocked ten minutes ago. Get it wrong in the [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/detonate-malware-safely</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/detonate-malware-safely</guid>
            <dc:creator><![CDATA[Maddie Bullock]]></dc:creator>
            <pubDate>Wed, 27 May 2026 09:00:00 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/05/iStock-2221631233.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[How a Leading Airline Shut Down Social Impersonators and Phishing Comments in Under a Week]]></title>
            <description><![CDATA[<p>A customer drops a frustrated comment under a post: “Can someone help me with my booking?” Within minutes, a “support” account replies with a friendly tone, a sense of urgency, and a link that definitely doesn’t belong there. It looks and sounds like customer service, but it’s not. In reality, it&#8217;s a scammer acting at [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/airline-shut-down-social-impersonators-and-phishing-comments</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/airline-shut-down-social-impersonators-and-phishing-comments</guid>
            <dc:creator><![CDATA[ZeroFox Team]]></dc:creator>
            <pubDate>Wed, 20 May 2026 11:16:38 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/05/iStock-2147717228.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[When Data Means Conversations and Code: How AI-Powered Adversaries Are Rewriting the Rules of Targeted Attacks]]></title>
            <description><![CDATA[<p>For years, the security industry drew a fairly clear line around what &#8220;sensitive data&#8221; meant. Personal information, financial records, health data: the structured, regulated categories that compliance frameworks were built to protect. Encrypt it, tokenize it, and restrict access to it. The threat model was straightforward: if you protect the database, you protect the business. [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/ai-powered-adversaries</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/ai-powered-adversaries</guid>
            <dc:creator><![CDATA[Neil Correa]]></dc:creator>
            <pubDate>Wed, 13 May 2026 10:10:04 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2025/12/iStock-1332350872-2.jpg" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[When Phishing Takedowns Are Not Enough: ZeroFox vs. Netcraft for Enterprise Brand Protection]]></title>
            <description><![CDATA[<p>Netcraft has been in the internet security game since 1995, and they&#8217;ve earned a credible reputation for fast phishing detection and domain phishing takedowns. If your primary concern is malicious domains, they bring speed, automation, and deep relationships with internet infrastructure providers. But modern brand abuse doesn&#8217;t stop at phishing sites. Threat actors now impersonate [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/zerofox-vs-netcraft-enterprise-brand-protection</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/zerofox-vs-netcraft-enterprise-brand-protection</guid>
            <dc:creator><![CDATA[ZeroFox Team]]></dc:creator>
            <pubDate>Mon, 11 May 2026 08:56:33 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2025/10/Screenshot-2025-10-06-at-9.27.29-AM-1049x675.png" length="0" type="image/jpeg"/>
        </item>
        <item>
            <title><![CDATA[How Malware Sandboxing Closes the Confidence Gap in External Threat Intelligence]]></title>
            <description><![CDATA[<p>I&#8217;ve spent enough time in investigation queues to know what a bad workflow feels like. You get an alert. Something looks wrong. You already know it&#8217;s probably malicious, but &#8220;probably&#8221; doesn&#8217;t close a ticket or justify a takedown. You need confirmation. So you leave the platform, find the right tool, upload the file, wait, get [&hellip;]</p>
]]></description>
            <link>https://www.zerofox.com/blog/malware-sandboxing-closes-gap-in-external-threat-intelligence</link>
            <guid isPermaLink="false">https://www.zerofox.com/blog/malware-sandboxing-closes-gap-in-external-threat-intelligence</guid>
            <dc:creator><![CDATA[Josh Mayfield]]></dc:creator>
            <pubDate>Thu, 07 May 2026 10:44:04 GMT</pubDate>
            <enclosure url="https://content.zerofox.com/wp-content/uploads/2026/05/iStock-1730012119.jpg" length="0" type="image/jpeg"/>
        </item>
    </channel>
</rss>