
Proof of Compliance is in the Human Factor
Automating your security can save time and effort – but for proof of cybersecurity compliance, you need the human factor.

Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.

Digging Deeper to Uncover a Fenix Botnet Targeting HR & Payroll Tax Employees in Mexico
When a client’s EDR platform alerted that it had blocked a file being accessed through a non-domain address, that could have been “case closed” – the file was blocked and the activity was halted. Or so it seemed. Our… Read more »

It’s no secret that new cybercrime trends largely revolve around AI, but what may surprise you is how much attackers are willing to invest for bigger payouts.

Last Wednesday, CISA issued an advisory two days after Arkansas City, Kansas, revealed that a Sunday morning cyberattack forced it to switch its water treatment facility to manual operations. In the alert, CISA urged OT/ICS operators in critical infrastructure sectors to apply the recommendations listed in Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity to… Read more »

As of 0409 UTC, a critical issue with CrowdStrike Falcon Sensor agents on Windows devices has caused significant global outages. This was not a security incident or cyberattack, and DirectDefense’s infrastructure was not affected by this outage. The root cause has been identified as an automatic content deployment applied to Windows hosts, which has resulted in… Read more »

Organizations with security maturity can greatly benefit from annual red team assessments to keep up with the ever-evolving cyber threat landscape. Major organizations that hold detailed and private information are prime targets for malicious attackers, regardless of industry. Bad actors will find ways to break through physical and cyber barriers to obtain and sell personal… Read more »

Introduction: Implications of These Findings
This piece details the development of a chain of two exploits intended to allow an individual to run a custom OS/unsigned code on the Pixel Tablet Dock and utilize that to perform further security research on the Pixel Tablet itself. The injection vector, as well as the ability to bypass AMLogic (AML)… Read more »

On Monday, the U.S. Environmental Protection Agency (EPA) issued an enforcement alert outlining the cybersecurity threats and vulnerabilities facing community drinking water systems. It details the necessary steps these systems must take to comply with the Safe Drinking Water Act (SDWA). The EPA issued this alert due to the rising frequency and severity of threats… Read more »

Industrial control systems have a big job to do for a single facility’s OT environment – but if you’re operating multiple facilities spread across the U.S. or the world, those systems have a far larger workload, and the security risks inherent in their function get larger too. What no critical infrastructure or industrial corporation wants… Read more »

Free threat recon service reveals what you might be missing. Let’s face it, every company has blind spots when it comes to security. Even with a trusted vendor, new threats emerge all the time. Wouldn’t it be reassuring to know exactly what lurks in the shadows of your network? Our latest blog post delves into… Read more »