Security Blog

Insights on cybersecurity trends, threat intelligence, compliance updates, and technical deep dives from the DEFION team.

Offensive Security 4 June 2025

Agentic AI Risks: When Management Interfaces Become an Attack Surface

Hundreds of publicly accessible AI agent dashboards found, sometimes protected only by a four-digit PIN. Research into agentic AI security risks by DEFION Offensive Security Specialist Jean de Cuba.

Read article

Threat Intelligence 19 May 2026

When OSINT Becomes Extortion: How Threat Actors Fabricate Breach Claims

Threat actors increasingly use OSINT, public metadata, and psychological pressure to fabricate convincing cyber breach claims without proving compromise. Learn how these extortion tactics work.

Read article

Incident Response 19 May 2026

Intern Account, 175 GB Exfiltrated: An Incident Response Case Study

A real-world IR case study: an attacker used an intern account with Domain Admin rights to compromise 26 systems, exfiltrate 175 GB of sensitive data, and nearly deploy ransomware across an educational institution.

Read article

Pentesting 16 April 2026

What is a Pentest? A Complete Guide for Organizations in 2026

A pentest (penetration test) is a controlled cyberattack on your own systems. Learn what a pentest is, when you need one, and what it costs.

Read article

Security Compliance 16 April 2026

NIS2 Explained: Everything Organizations Need to Know

NIS2 is the EU cybersecurity directive applying across Europe. Learn which sectors are covered, what obligations apply, and how to prepare your organization.

Read article

MDR 16 April 2026

What is MDR? Managed Detection & Response Explained

MDR is an outsourced 24/7 cybersecurity monitoring service. Learn what MDR is, how it works, and how it differs from SIEM, SOC, and MSSP.

Read article

Incident Response 16 April 2026

Cyber Incident: What to Do in the First 24 Hours

Step-by-step action plan for the first 24 hours of a cyber incident. Learn what to do, what to avoid, and when to notify regulators.

Read article

Security Compliance 16 April 2026

DORA: What is the Digital Operational Resilience Act?

DORA is the EU regulation for digital resilience of financial institutions, in force since January 2025. Learn who falls under it, what the 5 pillars are, and how to comply.

Read article

Security Compliance 19 March 2026

NIS2, DORA and the Cyber Resilience Act: what do you need to do with them?

A clear overview of NIS2, DORA, and the CRA: what they are, who they apply to, and how to get started without drowning in regulations.

Read article

Cloud Security 16 December 2024

How to Securely Configure Enterprise Applications in Microsoft 365

Enterprise applications in Microsoft 365 can pose security risks. Learn how administrators can configure the right settings to limit risks.

Read article

OT Security 16 December 2024

Increasing Threats in Industrial Environments Require Integrated OT Security

41% of companies in EMEA still have OT and IT teams operating independently. Learn why an integrated approach to OT security is essential.

Read article

Secure Development 28 November 2024

How to Safely Use a Frontend Framework for Your Website

Three essential tips for safely using frontend frameworks: don't trust your frontend, know your framework's limitations, keep software updated.

Read article

Get in touch

Get in touch 24/7 Incident Hotline