Internal Pentest

Exploit CheckPoint vulnerability with one simple command

Exploit of the CVE

This week, a vulnerability in the CheckPoint VPN Gateway (CVE-2024-24919) was disclosed. Unfortunately, CheckPoint has provided us with very little information about the impact of this vulnerability. I want to change that! I will show how the vulnerability can be exploited and what information an attacker can extract.

Built-in Misconfigurations - Pre-Windows 2000 Compatible Access

Old Computer

This is the first part of a series in which we look into default insecure configurations in Active Directory. This part covers the Pre-Windows 2000 Compatible Access group. What is it? What are the risks? And what can we do about it?

Securing BitLocker: Initial Setup and Defending Against Attacks

BitLocker Pre Boot Authentication

Firstly, what exactly is BitLocker? BitLocker is Microsoft’s full disk encryption solution. While there are alternative solutions from other companies, my experience shows that BitLocker is the preferred choice for most organizations today. The reasons are straightforward: it’s included at no additional cost and integrates seamlessly with Active Directory and EntraID.

This article will guide you through setting up BitLocker and also go into some of the potential attacks against BitLocker, offering insights into its security features.