CyberSecurityBoard
Sponsor Register Login

Getting Access to Internal Networks Via Physical Pentest - Case Study

A recent case study conducted by Hackmosphere for a furniture retailer, referred to as ExCorp, revealed how physical access to facilities could compromise internal networks despite robust cybersecurity measures. The team was particularly interested in identifying weaknesses that could provide access to the internal network, as this would represent a significant security breach with potentially severe consequences. Physical penetration testing provides crucial insights into real-world security vulnerabilities that might be overlooked in purely digital assessments. The case study demonstrates that comprehensive security requires attention to physical vulnerabilities alongside digital protections. Besides this, Hackmosphere analysts affirmed that even robust cybersecurity investments can be undermined by overlooking basic physical security measures. The team connected a LanTurtle device to an exposed network socket hidden under a desk, obtaining an IP address (10.3.86.30) within the internal network. The network configuration revealed multiple interfaces as shown in the connection data, including eth0 (172.16.84.1) and eth1 (10.3.86.30), showing complete network penetration. This highlighted serious deficiencies in physical access controls and employee security awareness. The penetration test identified four critical vulnerabilities that could potentially allow malicious actors to breach the company’s digital infrastructure without sophisticated hacking techniques. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The device established an SSH connection encapsulated in TLS on port 443 to bypass firewall restrictions, providing remote access to ExCorp’s internal systems. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The Hackmosphere team employed a methodical approach to their physical penetration testing engagement. Network logs showed the successful compromise, with the device establishing a connection to the ExCorp.com.local domain. Finally, the assessment team gained unauthorized access to the manager’s office by consulting the building’s emergency evacuation map, which improperly disclosed the office location. The penetration testers were able to connect a “Rubber Ducky” USB device to the terminals during brief periods when staff were away from their stations. This device allowed them to execute commands and gain control of machines connected to the internal network. This case demonstrates that cybersecurity strategies must encompass both digital and physical dimensions to be truly effective. During the assessment, the analysts at Hackmosphere observed that store computers were frequently left unlocked and unattended during employee breaks.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 07 Mar 2025 22:15:20 +0000


Cyber News related to Getting Access to Internal Networks Via Physical Pentest - Case Study

Getting Access to Internal Networks Via Physical Pentest - Case Study - A recent case study conducted by Hackmosphere for a furniture retailer, referred to as ExCorp, revealed how physical access to facilities could compromise internal networks despite robust cybersecurity measures. The team was particularly interested ...
1 week ago Cybersecuritynews.com
Palo Alto Networks and IBM to Jointly Provide AI-Powered Security Offerings - PRESS RELEASE. SANTA CLARA, Calif. and ARMONK, N.Y., May 15, 2024 /PRNewswire/ - Palo Alto Networks, the global cybersecurity leader, and IBM, a leading provider of hybrid cloud and AI, today announced a broad-reaching partnership to deliver ...
10 months ago Darkreading.com
Research Shows 163% ROI with Palo Alto Networks Software Firewalls - Good news is here for cloud and network security professionals who need proven, cost-effective solutions that substantially reduce downtime and breaches across a range of cloud and virtualized environments. Palo Alto Networks software firewalls not ...
1 year ago Paloaltonetworks.com
CVE-2024-29018 - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP ...
11 months ago
Sensitive data loss is due to lack of encryption - In an era where data is the lifeblood of businesses, safeguarding sensitive information has become paramount. Cybersecurity lapses have historically been a cause of data breaches, but a recent study sheds light on a new dimension of vulnerability - ...
1 year ago Cybersecurity-insiders.com
Product showcase: ImmuniWeb AI Platform - ImmuniWeb is a global application security company that currently serves over 1,000 customers from more than 50 countries. ImmuniWeb AI Platform has received numerous prestigious awards and industry recognitions for intelligent automation and ...
1 year ago Helpnetsecurity.com
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pen Testing Across the Environment: External, Internal, and Wireless Assessments - Among other controls, penetration testing stands out because it simulates attackers' malicious activities and tactics to identify security gaps in business systems or applications. Because pen tests thoroughly investigate vulnerabilities, the scope ...
8 months ago Securityboulevard.com
Network Protection: How to Secure a Network - Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Best practices for network security directly counter the major threats to the network with ...
10 months ago Esecurityplanet.com
Palo Alto Networks and Deloitte Expand Strategic Alliance Globally - 1, 2024 /PRNewswire/ -- Palo Alto Networks (NASDAQ: PANW) and Deloitte today announced an expansion of their strategic alliance into EMEA and JAPAC regions, making Palo Alto Networks® AI-powered cybersecurity solutions and joint offerings available ...
5 months ago Darkreading.com
A Leader in 2024 Forrester Enterprise Firewall Solutions Wave - Palo Alto Networks has long recognized these challenges, which is why we’ve built a network security platform that not only protects but also fosters business growth and innovation in today’s complex environment. We believe the recognition of ...
5 months ago Paloaltonetworks.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
The Case Study: The Exploitation of Business Assets - The role of this case study is to explain how it's feasible to exploit some business assets using the IoT search engines and some hacking tools. In this chapter, we would apply the Censys searching tool for crawling the web in a quite wide context, ...
1 year ago Cyberdefensemagazine.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
1 year ago Darkreading.com
New Google Chrome feature blocks attacks against home networks - Google is testing a new feature to prevent malicious public websites from pivoting through a user's browser to attack devices and services on internal, private networks. More simply, Google plans to prevent bad websites on the internet from attacking ...
1 year ago Bleepingcomputer.com
Study Reveals Top Vulnerabilities in Corporate Web Applications - A recent study conducted by Kaspersky Security Assessment experts has revealed the most prevalent vulnerabilities in corporate web applications developed in-house. Spanning the years between 2021 and 2023, the study identified numerous flaws, ...
1 year ago Infosecurity-magazine.com
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org
Pentest People Announces its Assured Service Provider status for NCSC's Cyber Incident Exercising Scheme - Pentest People, the Penetration Testing as a Service and cybersecurity experts, today announces it has become one of only a few companies in the UK to be an Assured Service Provider in the recently launched National Cyber Security Centre Cyber ...
1 year ago Itsecurityguru.org

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)