PØ LABS: RESEARCH FROM THE BATTLE FRONT
The threat researchers in PØ Labs watch incidents live, as they occur. Working right on the front lines of cloud threat, we can learn more than anyone else about the latest techniques of adversaries. And we when see something new, we’re very transparent.


LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
Ian Ahl | 09.20.23



LATEST CLOUD-SHAKING INSIGHTS
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
Summary LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing
Cloud Detection and Response Needs To Break Down Boundaries
For the past several years, the security and engineering community have repeatedly heard the adage that "identity is the new perimeter." While identity has long been a pillar to managing security risks in various environments, it's perhaps never
Intern Showcase: Anonymizing Logs Made Easy with LogLicker
LogLicker On GitHub: https://github.com/Permiso-io-tools/LogLicker Introduction Logs play a crucial role in monitoring and analyzing system activity, but handling sensitive information within them can be a daunting task. Whether you're sharing

CLOUD INCIDENT RESPONSE
cloud Infrastructure Paranoia?
Get a free first consultation with the PØ Labs team, led by former Mandiant incident responders. See how PØ Labs identifies compromised infrastructure and helps you respond.

CLOUD COMPROMISE ASSESSMENT
See Who’s Cloud-Lurking Now
PØ Labs can give you a full rundown of who’s in your environment, what they’ve been doing, and if you should be worried. Best case, there’s nothing to worry about.


YOUR FRONT-LINE RESEARCH TEAM


Daniel Bohannon
Principal Threat Researcher
UGA B.S. CompSci, Georgia Tech M.S. InfoSec, 13+ years IR & researcher roles including Mandiant Advanced Practices Team & Microsoft, OpenSource tool developer (e.g. Invoke-Obfuscation)
My favorite dessert is a lavender latte - to be enjoyed during or between any meal of the day




Ricardo Arancibia
Data Scientist
~4 years of experience solving problems using Data Science and building end-to-end ML solutions in a wide variety of industries. Co-founded an official ML Google community with +500 members.
My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

Andi Ahmeti
Security Research Intern
Experienced Computer Engineering senior student with a 6-month internship as a Security Engineer. Passionate about cybersecurity and skilled in software development, hardware design, and system architecture.
My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

Abian Morina
Security Research Intern
Computer Science and Engineering student specializing in Information Security and Assurance. 1+ year of experience as a Penetration Tester/Bounty Hunter.
My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.