For the final blog post in our series on lessons learned from 2016 security assessments, we’ll discuss a high-risk issue our penetration testers and consultants often come across: filtering malicious emails. In our assessments, sending phishing emails with malicious payloads or links is the most common method we use to get initial access to a network…. Read More
Author: Paul Brandau
Inside Kerberoasting: Cracking Weak Network Service Account Passwords
In our previous blog posts, we demonstrated how important it is for penetration testers to get credentials that grant administrative access over hosts within the organization to escalate their permissions. This week, we will discuss a relatively recent privilege escalation technique known as Kerberoasting, which pen testers and malicious hackers can use to crack weak network service account… Read More
Navigating Clear Text Password Vulnerabilities
Accessing Clear Text Administrative Passwords In our last blog post, we showed how pen testers can use misconfigurations within Active Directory group management to escalate privileges. However, that technique is heavily dependent on having access to privileged or misconfigured accounts in the first place. This week, we discuss another finding that we frequently take advantage of… Read More
Identifying Local Admin Misconfigurations for Domain Privilege Escalation
In our previous blog, we discussed how insufficient network segmentation can be exploited by attackers and pen testers. This week, we discuss a finding that we frequently abuse during the privilege escalation phase of our penetration testing assessments, particularly for those involving public sector clients. This phase occurs after our operators have gained a foothold and… Read More
How Insufficient Network Segmentation Increases Your Security Risk
In our previous blog, we introduced our 2016 top five penetration testing lessons learned blog series. Today, in Part II of this series, we discuss our first finding: insufficient network segmentation. The Challenges of Network Segmentation Many of the clients we conduct penetration tests for are larger organizations that have thousands of hosts on a completely flat… Read More
5 External Cyber Penetration Testing Lessons Learned From 2016 Security Assessments
Every year, Delta Risk conducts hundreds of cyber security assessments, including penetration testing, for a wide range of commercial and public sector clients. Many of these organizations share similar weaknesses in their people, processes, and technology. But each assessment also presents new technical challenges for us to solve. In this five-part blog series, we’ll discuss our findings… Read More