SOC — Cybersecurity News

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph: Threat Hunting at the Speed of Triage

PCAPGraph is an open-source network investigation and threat hunting tool that transforms packet cap...

Open-Source Network Discovery & Topology Mapping

Open-Source Network Discovery & Topology Mapping

RedSide Security has open-sourced NETMAPPER, a network discovery and visualization tool designed to ...

 RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

RDPGraph: Turn Windows Event Logs into an Interactive RDP Attack Graph

When an incident unfolds and all you have left are Windows event logs, understanding attacker moveme...

Latest Posts

New "Spirals" Ransomware Encrypts Enterprise Network in Under 24 Hours

New "Spirals" Ransomware Encrypts Enterprise Network in Under 24 Hours

RedSide Security July 18, 2026 Cybercrime 8 views

A newly discovered ransomware family named Spirals encrypted an enterprise network in less than 24 hours after compromising an internet-facing IIS server. The Rust-based ransomware used web shells, Cloudflare tunnels, credential dumping, WMI, and PsExec to achieve rapid domain-wide deployment before encrypting systems and threatening data leaks.

Continue reading: New "Spirals" Ransomware Encrypts Enterprise Netwo…
AI-Generated "Vibe-Coded" PowerShell Malware Used for Active Directory Reconnaissance

AI-Generated "Vibe-Coded" PowerShell Malware Used for Active Directory Reconnaissance

RedSide Security July 13, 2026 Cybersecurity 39 views

Researchers uncovered an AI-generated PowerShell script used to enumerate Active Directory environments during a real-world intrusion. The "vibe-coded" malware demonstrates how attackers are increasingly using AI to create custom reconnaissance tools that evade traditional signature-based detection while retaining the same underlying attack behaviors.

Continue reading: AI-Generated "Vibe-Coded" PowerShell Malware Used …
Introducing AnyStix: Automated Country-Based Threat Intelligence for OpenCTI

Introducing AnyStix: Automated Country-Based Threat Intelligence for OpenCTI

RedSide Security July 02, 2026 Tools & Technology 52 views

AnyStix is an open-source threat intelligence tool that collects country-specific malicious submissions from ANY.RUN, enriches them with indicators, converts them into STIX 2.1 format, and automatically imports them into OpenCTI. The platform enables continuous, region-focused threat intelligence collection using publicly available sandbox data.

Continue reading: Introducing AnyStix: Automated Country-Based Threa…
Why RedSide Security is Armenia's Top Cybersecurity Company

Why RedSide Security is Armenia's Top Cybersecurity Company

RedSide Security June 28, 2026 RedSide Security News 56 views

RedSide Security is helping organizations across Armenia strengthen their cybersecurity posture through penetration testing, security assessments, incident response, and exposure monitoring. Discover why businesses trust RedSide Security to protect their critical assets and infrastructure.

Continue reading: Why RedSide Security is Armenia's Top Cybersecurit…