We specialize in all aspects of data security: confidentiality, integrity, and authentication. We provide security audits, network penetration detection, and help companies, as well as individuals, protect their information and computer systems.
Case studies of recent projects on behalf of Executek International:
Client 1 (Political Investigation): This was a case of suspected political information leaking. Conducted a security audit of the computer system and network, consisting of a server, a number of desktops and laptops. Found a number of vulnerabilities: weak passwords, the backup system accessible from the outside, update patches not installed regularly, unknown accounts as well as malware and rogue accounts on some of the machines. Used a network vulnerabilities scanner and addressed the weaknesses uncovered. One of the machines was used to access data remotely by unknown parties with a Dropbox folder and linked files.
Client 2 (Company): This was a case of industrial information leaking. We uncovered that the network was compromised, and fixed it with a filtering mechanism. Weak passwords and unsecured backups; both are very commonplace vulnerabilities. Shared folders with minimal permission attributes – changed to strict permissions. Recommended better anti-virus and anti-malware software. Proposed installing the GPG encryption suite for confidential emails.
Client 3 (Private): A family member disappeared under unexplained circumstances. Since a laptop belonging to the missing party was recovered, we broke into the super user account (by obtaining the SHA1 hash of the password form the shadow file, and using ripping software to reverse-engineer the password). We were able to access the entire file system and help in the “missing person” investigation.