
Insights & Blog

Research, detection engineering notes, and incident response lessons learned.

Latest

122 articles published.

The AI Arms Race in Cybersecurity: Defense vs. Offense in the Age of Intelligent Threats

In the modern digital battlefield, a new type of warfare is emerging—one where algorithms, not humans, are often the first to strike and the first to defend. Artificial Intelligence (AI) has become a double-edged sword in cybersecurity. As defenders harness its power to automate threat detection and streamline response, cybercriminals are also evolving—leveraging AI to scale attacks and evade traditional defenses.

Why Most SOCaaS Solutions Fall Short — and How We’re Doing It Differently

In today’s evolving threat landscape, Security Operations Center as a Service (SOCaaS) has become a critical part of a resilient cybersecurity strategy. But as more organizations adopt outsourced security operations, a common realization is emerging: many SOCaaS providers simply don’t deliver what modern businesses need. From slow integrations to limited coverage, the market is full of offerings that fail to keep pace with the complexity and urgency of real-world cyber threats. Here’s a closer look at where many providers fall short — and how we’ve built a SOCaaS solution to overcome those gaps.

May 2025 Consulting Threat Intelligence Briefing

Throughout the period from 1 May 2025 to 31 May 2025, the consulting industry faced a significant level of ransomware activity, with two high-profile breaches reported on ransomware.live. These incidents, corroborated by analyses published by Mandiant on 8 May 2025 and further supported by threat data from IBM X-Force Exchange on 12 May 2025, demonstrate both the continued evolution of ransomware strains and the increased ability of adversaries to exploit known vulnerabilities swiftly. The consulting sector, with its access to sensitive intellectual property and client data, has emerged as a prime target for sophisticated criminal groups employing advanced techniques to disrupt operations and extract payments.

May 2025 Insurance Threat Intelligence Briefing

Over the course of May 2025, the insurance industry continued to face a considerable number of ransomware threats, underlining the persistent risk posed by well-resourced cybercriminal groups. The latest data drawn from ransomware.live from 1 May 2025 to 31 May 2025 indicates that three distinct incidents affected insurance providers in Europe, compromising sensitive policyholder data and operational continuity. These incidents, corroborated by reports from Mandiant (published 8 May 2025) and IBM X-Force Exchange (observed 14 May 2025), offer valuable insights into the tactics, techniques and procedures (TTPs) deployed by threat actors who continue to shift their methods to bypass conventional defences.