Blackpoint

Blackpoint

Share

To provide 24/7, unified detection and response services to organizations of all sizes around the world.

03/26/2026

Attackers don't need to break in anymore. They log in.

That's the defining finding from Blackpoint's 2026 Annual Threat Report and this month's Inside the SOC brings it to life with three active investigations.

Our analysts will walk through:
πŸ” RoadK1ll β€” a newly identified malware strain that traditional tools aren't built to catch. We'll show you what it looks like in real telemetry.
πŸ”— MSP-to-client compromise β€” one breached MSP became the entry point for attacks across its entire client base. We'll trace the chain and show how trusted relationships get weaponized.
☁️ AiTM attacks on cloud identity β€” MFA doesn't stop Adversary-in-the-Middle. It just has to wait. We saw this play out repeatedly in 2025 across Microsoft 365 environments.

No slides full of theory. Live campaigns, real compromises, straight from the SOC.

Register here: https://hubs.ly/Q048p1Ys0

What 2,000 SOC Investigations Reveal About the Threat Landscape 01/21/2026

ClickFix. Rogue RMM. VPN siege. πŸ”

The threats of 2025 were defined by deception. The defense of 2026 needs to be defined by verification.

Here's what you need to know about the threat landscape right now, according to Blackpoint's recent analysis of ~2,000 on-premises incidents.

https://hubs.ly/Q03_JHV_0 |

What 2,000 SOC Investigations Reveal About the Threat Landscape Adversaries aren’t breaking down the door. They’re tricking users into opening it. Here’s exclusive data from Blackpoint on the cyber threats that defined 2025.

Russia-linked APT28 targets energy and defense groups tied to NATO 01/20/2026

APT28 is taking aim at NATO-aligned energy and defense groups, SC Media. πŸ‘‡

"Andi Ursry, threat intelligence analyst at Blackpoint, said APT28 has gotten attention now because the victim set is strategic and the tradecraft works. Ursry said disposable infrastructure, realistic login pages, and region-specific lures make this kind of credential harvesting inexpensive, fast, and painful to defend against at scale."

https://hubs.ly/Q03_tvQp0 |

Russia-linked APT28 targets energy and defense groups tied to NATO Active since 2004, APT28’s sustained campaign for the past year focused on credential harvesting.

01/15/2026

What a week at ! πŸ™Œ

'Good enough' won't stop the next global outage, as Blackpoint's Manoj Srivastava explained during his panel to discuss cloud security and outage prevention.

β†’ πŸ‘€ Visibility: You can only defend what you can see, so attackers thrive in the blind spots of complex clouds.
β†’ ⏱️ Speed: The window to stop an attack is shrinking. Shift from detection to disruption.
β†’ πŸͺͺ Identity: Secure access is your strongest control plane against lateral movement.
β†’ πŸ›‘οΈ Proactive Defense: Static tools can't keep pace with AI threats.
β†’ πŸ”— Unity: Resilience depends on unifying security architecture across all services.

Watch the full session here: https://hubs.ly/Q03-YCPY0 |

Manoj and the panel argued that as we race toward cloud-native environments, our old security models are becoming our biggest liability. It’s no longer about building higher walls β€” it’s about visibility, speed, and resilience.

Thank you to all the panelists for a thoughtful discussion, and to everyone who joined us at CES for sharing their perspectives on cloud security and resilience.

01/13/2026

Juggling siloed tools and drowning in alerts? Trust us β€” you need to watch this. πŸ‘€

https://hubs.ly/Q03-B9CQ0 |

Manoj Srivastava, Blackpoint Chief Technology & Product Officer, joins the DEMO podcast with Keith Shaw to showcase exactly how CompassOne is solving the 'silo problem' for MSPs and SMBs.

Instead of toggling between five different dashboards, Manoj demonstrates how CompassOne unifies:

β†’ πŸ’» Endpoint
β†’ ☁️ Cloud
β†’ πŸ”’ Compliance

Every layer lives in a single command center, giving you real-time risk scoring and actionable insights in seconds.

CIO

Want your business to be the top-listed Computer & Electronics Service in Denver?
Click here to claim your Sponsored Listing.

Telephone

Address


1099 18th Street, Suite 3050
Denver, CO
80202

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm