A textile manufacturer wanted to ensure that its business was cyber-resilient. With this in mind, management decided 2 years ago to invest in the deployment of an external SOC. The newly recruited CISO wanted to check the company's digital exposure.
By commissioning SEMKEL to identify all vulnerabilities accessible and exploitable from the outside by a threat actor, the CISO wanted to check whether the cyber governance that had been decreed was being applied properly and sufficiently.
The company has several interconnected industrial sites and has invested heavily in the digitalization of its machine tools. We decided to extend the classic perimeter to include all connected industrial assets.
Interviews with the people in charge of the various information and digital systems to draw up a list of assets.
Thanks to the different information we have on computer networks, we can launch tools to discover assets connected to the network that may not have sufficient protection.
We scan the deep and dark web for any type of information that could damage a company's digital integrity, as well as any servers leaking confidential information.
Analysis of external vulnerabilities such as domain name usurpation and misconfigurations.
Thanks to SEMKEL's cyberscan, a number of critical elements were brought to light and quickly corrected, thus reinforcing the company's security.
Firstly, recent combinations of e-mail addresses and passwords belonging to several company users were found for sale on dark web marketplaces. This exposure could have enabled an attacker to access sensitive resources via credential stuffing attacks.
Next, two machines were identified as being infected by stealers, malware specialized in recovering passwords. Identification of their IDs and IPs enabled immediate remediation, including removal of the malware and reinforcement of protection measures for the terminals concerned.
In addition, analysis of connection logs revealed the presence of abnormal external connections on certain production machines. Thanks to an in-depth investigation based on IP traces, a clean-up operation was carried out, preventing potential malicious exploitation.
Finally, it was discovered that the DMARC and DNSSEC protocols on one of the company's managed domains were disabled, exposing the organization to an increased risk of spoofing and phishing. The alert sent to the cyber department led to the standardization of DMARC and DNSSEC settings for all the company's domains. This corrective action immediately helped to reduce phishing attempts, the frequency of which was rising sharply.
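A minimal sketch of the DMARC side of that standardization check, as an added example that is not SEMKEL's tooling: it classifies the TXT records found at `_dmarc.<domain>` for every domain against one baseline. The domains and records are constructed, and DNSSEC validation is not covered.

```python
# Added example: audit DMARC TXT records against one baseline for every domain.
# Domains and records below are constructed; a real audit would fetch the TXT
# records at _dmarc.<domain> from DNS.
SAMPLE_TXT = {
    "corp.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@corp.example"],
    "plant.example": ["v=DMARC1; p=none; rua=mailto:dmarc@corp.example"],
    "shop.example": ["v=spf1 -all"],                 # no DMARC record at all
    "brand.example": ["v=DMARC1; p=quarantine; pct=50"],
    "old.example": ["v=DMARC1;p=reject", "v=DMARC1; p=none"],  # duplicates
}
ENFORCING = {"quarantine", "reject"}

def parse_dmarc(txt):
    """Return the tag/value pairs of one DMARC record, or None if it is not one."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    # RFC 7489: a DMARC record must begin with the v=DMARC1 tag.
    first = txt.split(";", 1)[0].replace(" ", "")
    return tags if first == "v=DMARC1" else None

def audit_domain(txt_records):
    """Classify the TXT records published at _dmarc.<domain>."""
    records = [r for r in map(parse_dmarc, txt_records) if r is not None]
    if not records:
        return "missing"
    if len(records) > 1:
        return "invalid: multiple records"  # receivers then apply no DMARC policy
    rec = records[0]
    policy = rec.get("p", "").lower()
    if policy not in ENFORCING:
        return "monitoring only (p=none)" if policy == "none" else "invalid: bad p tag"
    pct = rec.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return f"partial enforcement (pct={pct})"
    return "enforced"

def audit_all(txt_by_domain):
    """Audit every domain so that one outlier cannot hide among compliant ones."""
    return {d: audit_domain(t) for d, t in sorted(txt_by_domain.items())}

if __name__ == "__main__":
    for domain, status in audit_all(SAMPLE_TXT).items():
        print(f"{domain:15} {status}")
```

Any status other than "enforced" marks a domain that deviates from the baseline and can still be spoofed in mail that receivers will accept.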
Thanks to these interventions, the company has strengthened its cyber-resilience, significantly reducing its exposure to threats and improving the governance of its digital security.
2025 SEMKEL