Penetration testers jailed after they broke into a courthouse to test its physical security

Well, maybe they can finish the job when they return for their court appearance.

Sounds like a really pleasant place to work.

I was asked to run a vulnerability test of one of our labs. The point was to see whether personnel would follow proper protocols and such. I configured a USB thumb drive with a hidden suspicious Autorun.inf file that would trigger the antivirus, which would alert the personnel to quarantine the system. Pretty basic.

As expected, protocols were not followed, and eventually the ‘crisis’ bubbled all the way to our head of Infosec. He quickly determined it was a test since the Autorun.inf file had his name written into it.

Management were embarrassed by the incident, and decided that the protocols were just fine and that we just shouldn’t run tests anymore since they just cause problems.

I work at a large company that makes things that go “Whoosh” and “Zoom”

13 Likes

Probably inspired by watching one too many Deviant Ollam videos.

But IIRC, Deviant Ollam flies with a gun in order to secure his luggage.

1 Like

Deviant Ollam is why I think that job would be great - like it’s all real world puzzle solving.

And thanks to a few of his videos, I figured out I can get in to our office with a small screwdriver or knife.

2 Likes

It’s good work if you can get it.

Magnavolt. And it won’t even drain the battery.

That’s the first thing that post reminded me of. The second thing your post @Bernel reminded me of is a science fiction book I finished recently where one of the main characters had to resign from the military after drunkenly deciding to do his own security testing against an allied military service. Can’t think of the name of it right now…

Are you sure there are servers in there? Looks like it could just be networking equipment. And if all their data in transit is encrypted, I’m not sure physical access would get you much.

Yes, there are actually racked servers in there. As for “if all their data is encrypted” given the shockingly lax data security we see day in and day out in the news, do you really want to bet on that?

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.