Case studies. Red Teaming

Network Compromise and Cloud Infrastructure Exposure Case

Poor network segmentation enabled an attacker to pivot from internal access to full cloud takeover.

The challenge

A network security assessment exposed excessive connectivity between corporate and management domains, leading to full control over cloud and virtualized environments.

The solution

Restricted VPN access and isolated AD controllers from Internet exposure.
Enforced MFA on privileged accounts.
Implemented stronger monitoring for unauthorized lateral movement.

How we did it

Used employee dual-domain access to pivot into management networks.
Extracted Azure AD Connector database for admin access.
Gained full control over vSphere via weak authentication.

Conclusion

Without strong segmentation and access controls, an attacker could move laterally and compromise critical infrastructure. Security baselines were enforced to prevent future risks.

Your Cyber Resiliency is Our Passion

schedule a call

About security testing:

Case studies. Red Teaming | Case studies. Security

Targeted Phishing on Cloud Services Provider Admin infrastructure Case

Successful phishing attacks revealed detection gaps in support and SOC teams, allowing unauthorized access without alerts.

EDR product’s effectiveness evaluation

Evaluating EDR Product against Threat Actors: Uncovering Limitations and Collaboration for Enhanced Detection of Multiple Killchains.

Case Studies | Case studies. Red Teaming | Case studies. Security

Social engineering

During this social engineering engagement, it was possible to achieve persistent internal access, exfiltrate confidential and personal information, and compromise the internal segmented infrastructure.