Category: Tales from the Road

Tales From The Road: PCI Compliance 101: Don’t Keep your Network in the Housekeeping Storage Room

How a recent DirectDefense physical penetration test for a national hotel chain demonstrated how thousands of credit card numbers could be stolen in 4 simple steps. PCI compliance is required for any company that accepts credit or debit cards, or EBTs, and security requirements are based on the number of transactions a business performs each…

Tales From The Road: Gone’ Phishin’!

How DirectDefense leveraged the pandemic to exploit remote access security for a large corporate network through an email phishing campaign. While most of the world was busy adapting to the Work from Anywhere #WFA movement that the pandemic suddenly brought on, a certain segment of the population saw a unique opportunity to get into an…

Tales from the Road: Taking Control of Access Controls to Protect Sensitive Data from Unauthorized Users

How a recent DirectDefense application security assessment revealed a common vulnerability. A large financial corporation recently called on us to perform a comprehensive security assessment of their client-facing application. Among other findings, the engagement revealed just how easy it would be for someone with ill intent to exploit the application via access controls that were not…

Tales from the Road: Think Your Web Application is Attacker-Proof? Think again.

How We Put One Client’s Web App Security to the Ultimate Test. Did you know that web applications have become the #1 target for the exploitation of vulnerabilities? Check out these alarming stats: Researchers found around 70 types of weaknesses in web applications. (Source: PT Security) 46% of web applications have critical vulnerabilities. (Acunetix’s report…