Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
04.22.24Free threat recon service reveals what you might be missing. Let’s face it, every company has blind spots when it comes to security. Even with a trusted vendor, new threats emerge all the time. Wouldn’t it be reassuring to know exactly what lurks in the shadows of your network? Our latest blog post delves into… Read more »
04.16.24An external penetration testing engagement with a healthcare organization revealed the importance of simple security measures against the darkest of intent. A recent external pen test engagement with a longtime client of ours, a prominent healthcare organization, proved the importance of well-performed reconnaissance and information gathering. A data breach can be devastating, and many individuals’… Read more »
03.28.24During an engagement with a financial services client, DirectDefense relied upon social engineering (and other tactics) to penetrate their physical offices and wireless networks. Performing a combination of physical and wireless penetration testing is always a unique experience for DirectDefense consultants. From location to business type, our team has experienced and learned a lot over… Read more »
03.20.24Never underestimate the abilities of people with too much time on their hands and a pension for malicious activity. Hardware and software security assessments are a key component of maintaining the safety, security, and compliance of any device type, almost regardless of the environment in which they are used. But when the environment is a… Read more »
01.16.24Internal app assessments, while helpful, won’t reveal all of the vulnerabilities weakening your security. Web applications, or web apps, are a common and useful way for companies to interact with both employees and customers. Without adequate assessment, however, security risks thrive, leaving the door open for bad actors to manipulate the systems and cause serious… Read more »
07.10.23How DirectDefense Compromised a Banking Institution’s Help Desk and Member Services Using a Phone Social Engineering Attack + 5 Common Vishing Pitfalls to Avoid Cyber criminals will stop at nothing to steal personal and confidential information from their target. In recent years, many high-profile attacks have leveraged targeted phone social engineering attacks, known as vishing.… Read more »
05.23.23The COVID-19 pandemic caused a massive shift towards remote work, which remains today. Remote work has become the new norm, and it has brought about many changes in the workplace. While remote work offers many benefits, it also increases cybersecurity risks. In this article, DirectDefense will discuss the rise of remote work and cybersecurity, and… Read more »
03.01.23An Examination Whether the Latest AI Products are Anything More Than Powerful New Tools If you work in security or even tech, odds are you can’t stop hearing about recent advancements in artificial intelligence and how they will be humankind’s undoing. With the introduction of products like ChatGPT, OpenAI, or ChatSonic, it’s undeniable that the… Read more »
02.07.23Exploring Fake News Detection as a Service Automated or machine-learning solutions for fake news detection are both necessary and challenging in the fight against misinformation. This post explores the first automatic, content-agnostic approach to fake news detection, FNDaaS, which considers both new and unstudied website features. The Challenges of Fake News Detection Using Current Methods… Read more »
12.12.22What We Can Expect in 2023 Based on the Past Year’s Threat Landscape As we gear up for the holidays and new year, it is that time of the year again to review this year’s security-related events and examine the themes for future security challenges we can expect in the coming year that may affect… Read more »
