New CISO Gains Clear Security Insights Through Advanced Testing

Challenge :

The new CISO of an automotive manufacturer sought a fresh perspective on the effectiveness of the organization’s security controls. This included evaluating defenses against the latest attacker tactics, techniques, and procedures (TTPs) and identifying previously unknown attack surfaces.

Solution :

Intellects Group Cybersecurity was chosen as a trusted partner due to an existing relationship focused on incident response readiness. The client selected our Advanced Testing services to address their needs. Our team began by performing reconnaissance to map the topology of the client’s network and identify live hosts.

Out of 45,000 addresses within the scope of the engagement, nearly 700 live hosts connected to external IP addresses were discovered.

Using a combination of host enumeration, vulnerability scanning, port scanning, service identification, OS fingerprinting, and DNS enumeration, we conducted a comprehensive assessment. Additionally, firewall and VPN penetration testing was performed to evaluate the robustness of the client’s external defenses.

Intellects Group identified a critical exposure involving a cloud service provider API found in an open-source code repository, which, when combined with a misconfigured extranet VPN, allowed us to breach the client’s external network infrastructure.

Through a forced authentication attack and password cracking, we successfully captured credentials for a connected backup service. This enabled our testers to pivot to other machines with local admin privileges and gain access to internal networks.

Result :

The client received a clear, easy-to-read report that included an executive summary and prioritized, risk-ranked descriptions of the vulnerabilities uncovered. The report also provided detailed steps for exploiting the vulnerabilities and actionable recommendations for remediation. 

Armed with this information, the client was able to present key stakeholders with an objective and accurate assessment of their security posture, empowering them to make informed decisions moving forward.

Category: Cybersecurity