Category: Security

Dissecting the Latest EPA Alert: What it Means for Drinking Water Utilities

On Monday, the U.S. Environmental Protection Agency (EPA) issued an enforcement alert outlining the cybersecurity threats and vulnerabilities facing community drinking water systems. It details the necessary steps these systems must take to comply with the Safe Drinking Water Act (SDWA). The EPA issued this alert due to the rising frequency and severity of threats… Read more »

A person holding a Google Chromecast remote and pointing it to a TV screen.

We Uncovered a Chain of Chromecast Vulnerabilities – Here’s Why It Matters.

What We Did, and What You Should Know Before Installing a Custom OS A DirectDefense security researcher, Nolen Johnson, joined two other researchers to exploit three Chromecast vulnerabilities present in the Chromecast with Google TV (CCwGTV) 1080P.  The team developed a chain of three exploits that ultimately allowed an individual to run a custom OS/unsigned… Read more »

What’s New in PCI DSS 4.0?

Get Ready for the 2024 PCI Compliance Update The new, stringent, PCI DSS 4.0 will replace PCI DSS version 3.2.1 on March 31, 2024. At that time, you will be required to be compliant with the new specifications. (Do not become confused by the March 31, 2025, date which is when the requirements labeled “best… Read more »

2022 Security Year in Review

What We Can Expect in 2023 Based on the Past Year’s Threat Landscape  As we gear up for the holidays and new year, it is that time of the year again to review this year’s security-related events and examine the themes for future security challenges we can expect in the coming year that may affect… Read more »

The Emotional Toll of Incident Response Events

Navigating the 5 Stages of Grief Following an Incident Response Event Are you a victim of a data breach and are you feeling signs of grief? You’re not alone. As an incident response professional, I have met many different types of corporate staff, from the IT staff to the C-suite. Unfortunately, it was probably on… Read more »

birds-eye view of a hacker on a laptop in the dark

Assessing Microsoft’s Social Engineering Attack

Breaking Down Microsoft’s Response to the Lapsus$ Gang’s Social Engineering Compromise Microsoft has done an excellent job in explaining the social engineering breach that originated against them from the Lapsus$ group. In their recent blog post, they detail the Lapsus$ attack and how access was obtained, as well as provide some decent recommendations to enhance… Read more »

A Look Ahead at the Security Threats Looming in 2022

What to Know, How to Prepare, and How We Got Here When 2021 began, everything from the pandemic to the economy felt uncertain. Security threats increased both as a result of those uncertainties and the ever-growing sophistication of the threat landscape.  In this post, we’ll review the events that created security threats in 2021 and… Read more »

Combat Cyber Anxiety with our Expert Insights Report

X