Some companies see cybersecurity as a cost center. We see things a little different. LEARN MORE >
Experiencing a Breach?
Blog
Blog Posts
Blog
Honeypot Tales: The EDR That Just Wouldn’t Die
In this installment of Honeypot Tales, our Director of Incident Response, Tyler Hudak, walks through a real-world encounter with an attacker determined to shut down SentinelOne on a compromised honeypot. From uninstall attempts and third-party tools to PowerShell commands and service control tricks, the attacker tried four different methods—yet all failed thanks to approval-based protections.
Blog
Who’s Defending Microsoft Defender? Breaking Down Modern BYOVD Attacks
In this Honeypot Tales post, Inversion6’s Director of Incident Response, Tyler Hudak, breaks down a growing cybersecurity threat: Bring Your Own Vulnerable Driver (BYOVD) attacks. By exploiting trusted but outdated or flawed Windows drivers, attackers can disable endpoint protections like Microsoft Defender, SentinelOne, and CrowdStrike—leaving organizations blind to intrusions. This post explains how BYOVD attacks work, common indicators of compromise, and actionable steps to detect, prevent, and mitigate them before ransomware or data theft occurs.
Blog
Why Third-Party Risk Management is Mandatory for Good Cybersecurity
In today’s hyper-connected business world, third-party vendors are both essential and risky. In this post, Inversion6’s CISO, Damir Brescic, explains why Third-Party Risk Management (TPRM) is critical for strong cybersecurity. From identifying vendor vulnerabilities to implementing scalable monitoring programs with tools like UpGuard, this article shows how to turn your vendor ecosystem into a security advantage. Learn why one-time checks aren’t enough, what a mature TPRM program looks like, and how ongoing oversight reduces exposure.
Blog
Worried About Ransomware? Resilience & Recovery are the Name of the Game
Ransomware is no longer just a technology challenge—it’s a human one. In this post, Inversion6’s CISO, Damir Brescic, examines how groups like Scattered Spider are bypassing traditional defenses with social engineering, phishing, and identity attacks. Learn why prevention isn’t enough, why resiliency and recovery must be prioritized, and how a comprehensive Ransomware Resiliency Assessment can expose gaps before attackers do. From phishing simulations to disaster recovery testing, discover the steps every business needs to survive modern ransomware threats.
