Why Mobile Device Security Matters More Than Most Think

Mobile devices are often one of the most overlooked assets from a security perspective. Many people are under the false assumption that mobile devices “can’t get viruses”, “aren’t important”, or that they can ignore mobile updates, when in fact, these devices often store more critical data than people realize, yet statistically are barely more secure… Read more »

Tales From The Road: PCI Compliance 101: Don’t Keep your Network in the Housekeeping Storage Room

How a recent DirectDefense physical penetration test for a national hotel chain demonstrated how thousands of credit card numbers could be stolen in 4 simple steps. PCI compliance is required for any company that accept credit or debit cards, or EBTs, and security requirements are based on the number of transactions a business performs each… Read more »

The Colonial Pipeline Shutdown Demonstrates How Precarious Our Critical Infrastructure Security Really Is

Greater Security Must be Applied to all Operational Technology Systems The Colonial Pipeline shutdown, caused by a ransomware attack, highlights the precarious position of many critical infrastructures.  The effects of the pipeline cyber incident are widespread, as 45% of the U.S. East Coast relies on it for gasoline, diesel fuel and jet fuel. Several southern… Read more »

Tales From The Road: Gone’ Phishin’!

How DirectDefense leveraged the pandemic to exploit remote access security for a large corporate network through an email phishing campaign While most of the world was busy adapting to the Work from Anywhere #WFA movement that the pandemic suddenly brought on, a certain segment of the population saw a unique opportunity to get into an… Read more »

Your Detailed Out-of-Office Autoresponder Could be Putting Your Organization’s Email Security at Risk

Tips for Writing Safe but Still Helpful OOO Email Messages. The spirit of the out-of-office autoresponder has never been about email security. Instead, it has traditionally been about providing helpful contact information in the event that a coworker or a customer in need of assistance emails you while you’re away. Simple. But it’s 2021, and… Read more »

Tales from the Road: Taking Control of Access Controls to Protect Sensitive Data from Unauthorized Users

How a recent DirectDefense application security assessment revealed a common vulnerability. A large financial corporation recently called on us to perform a comprehensive security assessment of their client-facing application. Among other findings, the engagement revealed just how easy it would be for someone with ill-intent to exploit the application via access controls that were not… Read more »