Turning Threats Into Strengths: How Ebryx Redefined Security For A Prominent Bank

Client Overview

Our client, recognized for extensive financial services, is a well-established and highly regarded institution. The bank has evolved into a major player in the financial sector, operating a vast network of over 1,400 branches across the region, and providing a wide array of financial services to both individuals and businesses. In addition to its traditional services, the bank has a robust digital banking platform that facilitates convenient and secure transactions.

However, recognizing the need for an external perspective on their internal infrastructure and Security Operations Center (SOC) efficiency, the client sought our expertise. This pre-emptive assessment was crucial to evaluate their readiness for a potential security breach, particularly concerning the compromise of low-privileged user accounts.

Why the Client Chose Us

As a proactive step to fortify their security, our client opted to engage Ebryx. Their decision was driven by trust in our cybersecurity expertise and by our ability to provide an impartial and comprehensive evaluation of their security posture, a task their in-house team might not have been able to achieve with the same level of objectivity.

Our client selected our Red Teaming services due to our thorough assessments and transparent reporting, which offer actionable insights. Furthermore, our team’s expertise, backed by certifications such as Certified Ethical Hacker (CEH) and Certified Information Systems Security Professional (CISSP), equipped them to effectively address a diverse spectrum of security concerns.

Project Overview

Our task was to conduct a thorough evaluation of our client’s internal infrastructure and SOC efficiency. This encompassed a Red Teaming operation designed to mimic real-world breach scenarios, identifying vulnerabilities and assessing the bank’s preparedness to respond appropriately.

How Ebryx Responded

During the Red Teaming operation, we discovered several significant security challenges that had eluded our client’s in-house teams. These included the compromise of over 600 computers with local admin rights due to misconfigured EDR exclusions. Our Red Team also identified the abuse of open shares, which allowed us to capture NTLM hashes. The end result was data exposure, which included confidential files and service credentials. Furthermore, we pointed out the presence of outdated operating systems within the bank’s infrastructure, a potential security risk.

To gain insights into the bank’s response capabilities during a breach scenario, we developed strategies to bypass the EDR, ultimately achieving command and control access on compromised systems.

Results and Outcomes

The outcomes of our Red Teaming engagement were substantial. We successfully addressed the misconfigurations, reducing the risk of unauthorized access. We secured open shares, preventing further leakage and exposure of confidential files and service credentials. A strategic plan was developed to address the issues related to outdated operating systems, which significantly improved the bank’s overall security posture.

Additionally, our strategies to bypass the EDR provided critical insights into the bank’s response capacity during a breach scenario, including the establishment of command-and-control access on compromised systems. This comprehensive assessment allowed the bank to fortify its security posture and readiness to respond to breaches, ensuring the safety and security of its operations.

In conclusion, through our comprehensive Red Teaming operation, our client significantly enhanced its security and response capabilities, ensuring it would be well-prepared to tackle potential security challenges in the future.
