Top Security QuickFails: #2 Domain Admins Everywhere
#2 Domain admins everywhere The attack It is a Monday morning and Kevin Vielzutun starts his monthly server check in the network, because he is one of 3 administrators of Fahrlässig GmbH with about 100 employees. To save time and thus work more efficiently, Kevin performs these checks as usual with his Domain Admin account, […]
Top Security QuickFails: #1 Office Macros
#1 Standard Office Macros Settings The attack Our employee of the month Peter Lustig receives an e-mail from his supplier SuperSchnell GmbH, who has attached a corrected order in an Excel sheet. Of course, the Excel sheet was protected with a password, because the data protection regulation strictly prohibits anything […]
Top Security QuickFails
The prehistory In recent years, we have conducted an extremely large number of penetration tests at companies of all sizes and in all industries (from small law firms with 3 employees, to power plants, to banks and insurance companies with several thousand employees). This blog series highlights a selection of attack vectors, at least one […]
