Comprehensive resources on securing laptops, desktops, mobile devices, and other endpoints that connect to your network. Covers endpoint detection and response tools, device hardening, patch management, encryption, and policies that minimize the attack surface across distributed environments.
posts
A Single Phone Took Down an Entire Pipeline In 2021, a compromised password — likely harvested from a mobile device or reused across platforms — gave threat actors access to Colonial Pipeline's VPN. The result: fuel shortages across the Eastern United States, a $4.4 million ransom payment, and a
In 2023, Verizon's Data Breach Investigations Report found that 74% of all breaches involved the human element — and a growing percentage of those started on a mobile device. I've reviewed mobile device security policies for organizations of every size, and here's the uncomfortable truth:
In 2023, the FBI's Internet Crime Complaint Center (IC3) received over 880,000 complaints with potential losses exceeding $12.5 billion — a 22% increase from the year before. A massive chunk of those losses traced back to malware infections that could have been stopped with basic hygiene. If
In 2023, the FBI's Internet Crime Complaint Center received over 880,000 complaints with losses exceeding $12.5 billion — and a staggering number of those incidents started with a single file that looked perfectly legitimate. That file was trojan horse malware, disguised as an invoice, a software update,
The Virus That Cost a Hospital Chain $100 Million In 2017, the NotPetya wiper malware tore through networks worldwide in under 24 hours. Heritage Valley Health System lost access to its entire network — radiology, cardiology, even surgical systems went dark. Across the globe, Maersk lost nearly $300 million. Merck reported
A Single Click Cost One Hospital Chain $100 Million In 2024, Change Healthcare — the largest health payment processor in the United States — was hit by the ALPHV/BlackCat ransomware group. The attack disrupted pharmacy operations, delayed insurance claims, and ultimately cost UnitedHealth Group an estimated $872 million in the first
A Single Stolen Phone Cost This Company $4.9 Million In 2023, a healthcare organization reported to the HHS that a single unencrypted mobile device — left in a rideshare — led to the exposure of over 100,000 patient records. The resulting HIPAA settlement, remediation costs, and reputational damage ran into
The Personal Phone That Took Down a Hospital Network In 2023, a nurse at a regional hospital plugged her personal phone into a workstation USB port to charge it. That phone carried malware picked up from a third-party app store. Within 72 hours, ransomware had encrypted patient records across three
The $0.97 Device That Cost a Defense Contractor Millions In 2008, a USB flash drive infected with the Agent.BTZ worm was plugged into a U.S. military laptop at a base in the Middle East. It took the Department of Defense 14 months to clean up the damage,
A Single Click Cost MGM Resorts $100 Million In September 2023, a threat actor called Scattered Spider used social engineering to trick an MGM Resorts help desk employee into resetting credentials. Within hours, they deployed malware across MGM's network — crippling hotel check-ins, slot machines, and digital room keys
