Abnormal Blog
Keep up with the latest news in cybersecurity with insight from our team of experts.
Abnormal now inspects auto-forwarded Microsoft 365 email before it reaches tools like Salesforce, Zendesk, and ServiceNow, blocking phishing and BEC upstream.
A single compromised admin triggered 200,000 device wipes. Learn why rethinking security posture in Microsoft 365 is key to containing risk.
Six Abnormal AI leaders have been named to CRN’s 2026 Women of the Channel list, recognizing their impact on partner programs, innovation, and channel success.
Twenty days after Europol seized 330 Tycoon2FA domains, a new campaign emerged with rebuilt infrastructure and six layers of obfuscation. Here's how it works.
Security teams rely on employee reporting but struggle to measure its impact. Metrics like reporting activity, response times, and feedback loops reveal whether security awareness is driving real behavior change.
Learn how attackers exploit Microsoft 365 misconfigurations like OAuth abuse and legacy auth—and why a behavioral layer is critical for modern defense.
AI-powered, human-targeted attacks are outpacing traditional defenses. Learn why security teams are overwhelmed and what needs to change to keep up.
Security awareness training only works if it changes how people behave when a real threat hits their inbox. Here’s how a modern, AI-enhanced approach turns your workforce into a proactive line of defense.
Analysis of nearly 800,000 attacks shows how phishing techniques adapt to the workflows, defenses, and platforms of the organizations they target.
Nearly 800,000 attacks reveal how BEC tactics shift with operational characteristics. See which impersonation strategies target organizations like yours.
Learn how to layer Microsoft Teams policies, incident response playbooks, and automated remediation to defend against the threats native controls can't stop.
Vendor email compromise and impersonation are rising. See how VendorBase delivers continuous vendor discovery and real-time risk analysis—powered by federated intelligence—to stop vendor fraud faster.
A cybercrime platform called ATHR uses AI vishing agents, credential harvesting panels, and built-in phishing mailers to execute and scale TOAD attacks.
The FBI’s 2025 IC3 report logged 22,364 AI-related complaints and nearly $893 million in losses, showing how AI is accelerating business email compromise and social engineering at scale.
See how the Abnormal Behavior Platform delivers immediate value by stopping advanced email attacks, remediating account takeovers, automating user-reported email triage, reducing graymail, and strengthening security posture.
AI regulation is reshaping security leadership as CISOs govern and defend AI behavior, not just secure systems.
How modern account takeover attacks bypass traditional detection and how behavioral AI actually stops them.
A phishing-as-a-service platform is exploiting Microsoft’s Device Code OAuth flow at scale, then weaponizing stolen tokens with AI-powered email intelligence to automate business email compromise.
A previously undocumented phishing platform is targeting CEOs and CFOs by name, exploiting live Microsoft authentication to establish persistent access.
Abnormal Email Productivity automates graymail management to reduce inbox noise, cut manual effort, and free lean SOC teams to focus on higher-value security operations.
Learn how Abnormal's behavioral model uses signals, recency, and context—not just clicks—to deliver a more accurate and actionable phishing risk score.
Iran-aligned groups are conducting cyber operations after strikes by the U.S. and Israel. Explore their tactics and how Abnormal can strengthen defenses.
Protect Microsoft Teams from malicious files and phishing. Learn how real-time attachment scanning and auto-remediation reduce risk and dwell time.
Behavioral models live or die on the signals they see. The next frontier uses AI to connect normal user behavior with attack behavior, sharpening detection with each event.