This is a story of network segmentation and the impact that seemingly trivial misconfigurations can have for your organization. This is one of those occasions.
This particular pen test asked for goals-based assessment focusing on post-compromise activities — an attempt by the client to discover how vulnerable internal systems were to lateral movement by an attacker who had compromised the domain. Among the goals was a request to attempt to compromise the client’s Amazon Web Services (AWS) infrastructure and a secondary request to access and exploit any systems discovered to contain sensitive or critical operational data .
Read more…
Source: Rapid7
Related:
- Cisco Releases Security Advisory for Secure Client
March 6, 2025
Cisco has released a security advisory to address a vulnerability in its Secure Client for Windows. Secure Client is Cisco’s endpoint virtual private network (VPN) solution. CVE-2025-20206 has a CVSSv3 score of 7.1 and if exploited could allow an authenticated, local attacker to achieve arbitrary code execution (ACE) on the affected machine with SYSTEM privileges via ...
- Unpacking a B2B Business Email Compromise (BEC) Scenario
March 5, 2025
When an organization is subject to a Business Email Compromise (BEC), a single email could result in substantial monetary losses. Threat actors employing such tactics could employ different techniques, ranging from simple to advanced, and have seen increased activities yearly. A recent investigation examined not a typical BEC scenario where a threat actor simply sends a ...
- Android zero-day vulnerabilities actively abused – update as soon as you can
March 5, 2025
Google has issued updates to fix 43 vulnerabilities in Android, including two zero-days that are being actively exploited in targeted attacks. The updates are available for Android 12, 12L, 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available ...
- US charges Chinese hackers who allegedly caused millions of dollars worth of damages
March 5, 2025
US prosecutors on Wednesday announced criminal charges against multiple Chinese nationals for allegedly hacking a range of US companies and municipalities for profit, causing millions of dollars’ worth of damage. Victims of the hackers include US-based critics of the Chinese government, Asian government foreign ministries, and US federal and state agencies, the Justice Department said. Some ...
- UK: 60% of NHS staff want more cyber security training
March 4, 2025
Research from BT found that 94% of NHS staff understand their role in protecting the organisation from cyber attacks, yet only 36% believe current measures are sufficient. The independent online survey of 76 NHS staff at 59 NHS organisations and integrated care systems, carried out between 8 September 2024 and 16 September 2024, explored sentiment around ...
- Critical Zero-day Vulnerabilities in VMware ESXi, Workstation, and Fusion
March 4, 2025
Broadcom has addressed three exploited vulnerabilities that, when chained, can allow an attacker to access the hypervisor through a running virtual machine. VMware’s official advisory does not include all affected product versions. VMware’s official advisory VMSA-2025-0004 includes a Response Matrix detailing the fixed releases for each product. VMware have also released an FAQ detailing the following: You are ...