An investment management firm seeking internal network health check

The client manages above $1 billion in liquid and private capital strategies – all of which were created to capture opportunities unique to the Asian markets while being vigilantly positioned to manage through periods of market stress.

At a Glance

Internal penetration testing

evaluate IT defenses

1 billion

liquid and private capital

What brings them to MXC

Provide an internal penetration test and scanning service for the information processing facilities of the company to review the security level of the IT systems against the information security best practices. The following tests will be conducted.

The objective of this assessment project is to assess the security risks of systems. Identify risks in the internal service, network and system vulnerabilities, patch levels and misconfigurations which could be exposed from the internal network.

Challenges

The most challenges are to chain the vulnerability together and take over the Windows Active Directory control.
Information gathering without disturbed the normal operation.

Results

Maximus or MXC Cyber Security Advisory team was appointed as their Security Consultant purely assessing the network.

The assessor was able to take down the Windows Active Directory (AD) by chaining the vulnerabilities on the internal network. Such as server patch, misconfiguration, and application not up-to-date. As a result, all the AD password hashes have discovered which means they hold company network is compromised.

Contact

Need a kickstart with cyber security?

Knowledge, experience, and resources are the cornerstones of defending your business from cyber crime. Since 2003 MXC has been fighting cyber-crime with more hundreds of major corporations.