Abnormal Blog
Keep up with the latest news in cybersecurity with insight from our team of experts.
The CIS Microsoft 365 Foundations Benchmark v6 codified two years of real-world breach patterns into 29 new controls. Here is what changed, and what every Security Posture Management tenant now evaluates automatically.
Two new identity threats (AI agents accumulating permissions, synthetic job candidates gaining real access) lack detection signatures, but Abnormal's behavioral AI catches them by flagging deviations from baseline rather than relying on predefined rules.
Learn how Abnormal’s AI Detection Agents analyze customer-reported attacks, identify behavioral patterns, and iteratively generate detectors that generalize beyond static indicators.
See what changed, what was deployed, and what it caught—traceable evidence from every report to deployed protection.
Abnormal AI’s 2026 Attack Landscape Report reveals how phishing, BEC, and vendor compromise attacks are tailored to federal agency workflows, procurement processes, and organizational structures.
Learn how Peak Technologies used behavioral AI to detect sophisticated phishing attacks, automate remediation, and move beyond legacy email security controls.
Device code phishing allows attackers to hijack legitimate Microsoft 365 authentication flows and maintain persistent access. Learn how Abnormal AI detects compromise and helps contain account takeover activity.
Every vendor claims AI. The difference is whether the system reads intent or chases tactics. Here's what makes Abnormal's detection engine different.
From live AI-powered attack demos to real-world CISO insights, a DC roadshow reveals how attackers are using AI today—and why traditional email defenses are falling behind.
Most companies talk about AI transformation. Abnormal is doing it in public, showing how teams across the company are rebuilding their work with AI.
Abnormal now inspects auto-forwarded Microsoft 365 email before it reaches tools like Salesforce, Zendesk, and ServiceNow, blocking phishing and BEC upstream.
A single compromised admin triggered 200,000 device wipes. Learn why rethinking security posture in Microsoft 365 is key to containing risk.
Six Abnormal AI leaders have been named to CRN’s 2026 Women of the Channel list, recognizing their impact on partner programs, innovation, and channel success.
Twenty days after Europol seized 330 Tycoon2FA domains, a new campaign emerged with rebuilt infrastructure and six layers of obfuscation. Here's how it works.
Security teams rely on employee reporting but struggle to measure its impact. Metrics like reporting activity, response times, and feedback loops reveal whether security awareness is driving real behavior change.
Learn how attackers exploit Microsoft 365 misconfigurations like OAuth abuse and legacy auth—and why a behavioral layer is critical for modern defense.
AI-powered, human-targeted attacks are outpacing traditional defenses. Learn why security teams are overwhelmed and what needs to change to keep up.
Security awareness training only works if it changes how people behave when a real threat hits their inbox. Here’s how a modern, AI-enhanced approach turns your workforce into a proactive line of defense.
Analysis of nearly 800,000 attacks shows how phishing techniques adapt to the workflows, defenses, and platforms of the organizations they target.
Nearly 800,000 attacks reveal how BEC tactics shift with operational characteristics. See which impersonation strategies target organizations like yours.
Learn how to layer Microsoft Teams policies, incident response playbooks, and automated remediation to defend against the threats native controls can't stop.
Vendor email compromise and impersonation are rising. See how VendorBase delivers continuous vendor discovery and real-time risk analysis—powered by federated intelligence—to stop vendor fraud faster.
A cybercrime platform called ATHR uses AI vishing agents, credential harvesting panels, and built-in phishing mailers to execute and scale TOAD attacks.