Tales from the Labs
At Coalfire Labs, we discover—and help our clients address—a lot of scary security and
compliance problems. Like zombies out looking for a victim, nefarious characters are out to attack your IT infrastructure and compromise your systems. Even when organizations have protections in place, the monsters just won’t give up. They keep coming. Consider this frightening tale...
On a social engineering engagement for a bank,
the Coalfire team was asked to attempt to gain access to a local branch’s server room and communications closet. Before heading for the branch, the team called ahead to let the bank’s staff (unaware of the exercise) know that “technicians” would be arriving on site that day. When the “technicians” arrived, the branch staff ushered them directly back to the server room, without even checking their IDs. The team was left alone for 15 minutes (to do whatever they wanted), and on their way out the branch manager asked them to take some surplus equipment back to their office.
Coalfire was able to help the bank understand its vulnerabilities and begin to address weaknesses that ca be exploited via social engineering. The moral of this frightening tale?
Sometimes monsters can dress up like the good guys.
Don’t be scared, be prepared—with Coalfire.
*Promotional photo for Bride of Frankenstein, Boris Karloff, Universal Studios, 1935
Have a scary story of your own? We'd love to hear your story and help you combat your IT monsters!
Learn more about Coalfire Labs:
Vulnerability Scanning & Assessments
Read our other IT Security Horror Stories:
The 100 Million Dollar Getaway
The Ghosts Inside
Breaching a bank in 20 minutes
Past Horror Stories
Truth is SCARIER than Fiction Redux
Is your Network an Unsegmented Haunted House?
Digging your own grave with Default Credentials
Slow Network, Big Phish
The Case of the Phantom Blood Red Team
A Tale of Spooky Hosted Images
Ghost in the Machine
Tale of the Fake IT Rep
Truth is Scarier Than Fiction
The Case of the Phantom Technician