Back to Case studies

Strengthening Security for Bank

Our banking client is dedicated to providing innovative financial services to its customers while maintaining the highest standards of security and compliance.

Client

Bank

Service

Cybersecurity

Industry

Banking

Country

France

Challenge

  • Client faced a critical need to ensure the security of its internal servers against potential cyber threats.
  • The client sought to identify and address vulnerabilities that could compromise the integrity of their network and data.
  • Our client relies on a robust infrastructure consisting of Windows servers and a sophisticated network architecture to support its banking operations.

Solution

Employing a comprehensive approach, our team utilized the Penetration Testing Execution Standard (PTES) and Open Source Security Testing Methodology Manual (OSSTMM) methodologies to assess the security posture of client's internal servers. Through rigorous testing, we identified and targeted services running on the servers, seeking to exploit potential vulnerabilities. Our efforts yielded a significant breakthrough when we successfully coerced one of the domain controllers to authenticate back to our testing computer, bypassing the need for user credentials. Subsequently, we retrieved the domain controller account hash, enabling us to crack it and gain access to the domain user’s password hashes. With this access, we were able to compromise the client's domain, ultimately obtaining Administrator privileges.

Results

Following our assessment, our client was promptly informed of critical vulnerabilities, including missing security patches and the use of weak protocol versions. This proactive identification allowed the bank to take immediate action to bolster their network security and mitigate potential risks, safeguarding their sensitive financial data from external threats. Bank gained invaluable insights into the vulnerabilities present within their network infrastructure, enabling them to proactively address security gaps and enhance their overall cybersecurity posture. By uncovering potential security weaknesses, our client was empowered to implement robust security measures, reducing the risk of unauthorized access and data breaches. Our findings highlighted the critical importance of maintaining strong security protocols and adherence to best practices, reinforcing client's commitment to protecting customer data and maintaining trust in the banking sector.

What Clients says about the project

Nicolas Passenier

Cybersecurity Expert, Cyclad

Partnering with our Client to enhance their cybersecurity defenses has been a rewarding experience for our team at Cyclad. We are committed to delivering cutting-edge solutions that empower our clients to navigate the evolving threat landscape with confidence.