Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
12.19.24Attackers Have Evolved – But Most Companies Have Not The greatest gift a cyber attacker gets during the holiday season is another year of largely unfettered access to company data. While we ring in 2025 with the renewed sense of promise a new year brings, threat actors are also celebrating – because while they’ve been… Read more »
10.15.24Digging Deeper to Uncover a Fenix Botnet Targeting HR & Payroll Tax Employees in Mexico When a client’s EDR platform alerted that it had blocked a file being accessed through a non-domain address, that could have been “case closed” – the file was blocked and the activity was halted. Or so it seemed. Our… Read more »
07.19.24As of 0409 UTC, a critical issue with CrowdStrike Falcon Sensor agents on Windows devices has caused significant global outages. This was not a security incident or cyberattack, and DirectDefense’s infrastructure was not affected by this outage. The root cause has been identified as an automatic content deployment applied to Windows hosts, which has resulted in… Read more »
12.15.23The top ten Cybersecurity threats for 2024 demonstrate a growing sophistication and evolution of attack techniques.
05.09.23How to Prevent Credential Stuffing with IPv6 Protocol Security Third-party software security risks are created when third-party vendor products lack security, giving attackers wide open access to your organization’s networks and databases. When a vendor has access to your network, including customer and corporate information, your own company’s security doesn’t cover all the gaps, so… Read more »
01.19.23How Safe are Electric Vehicle Charging Mobile Applications from Attack? This post provides a review of research on mobile EVCS app security and how vulnerable these apps are from attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security for mobile electric… Read more »
01.17.23How Safe are Radar Sensors from Adversarial Attack? This post provides a review of research on radar security and how vulnerable a particular type of radar is to adversarial attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security within radar-based environments.… Read more »
01.11.23Apex Labs Dissects a 4-Part Study on Privacy and Security Issues in Electronics Repair Is there data snooping by electronics technicians when we bring our devices in for repair? The researchers in this paper claim to have conducted the first-ever comprehensive study to understand the state of privacy in the electronics repair services industry. While… Read more »
12.12.22What We Can Expect in 2023 Based on the Past Year’s Threat Landscape As we gear up for the holidays and new year, it is that time of the year again to review this year’s security-related events and examine the themes for future security challenges we can expect in the coming year that may affect… Read more »
03.31.22Navigating the 5 Stages of Grief Following an Incident Response Event Are you a victim of a data breach and are you feeling signs of grief? You’re not alone. As an incident response professional, I have met many different types of corporate staff, from the IT staff to the C-suite. Unfortunately, it was probably on… Read more »
