What if one of your employees clicks on the wrong email attachment? Will you be able to stop the attack, or will the attackers be able to move laterally from there and take over all your systems? This is why you should conduct an internal infrastructure penetration test. The internal system is just one wrong click away from being “public”.
BitLocker is always a topic in Windows client pentests. For full-disk encryption not to be easily bypassed, BitLocker must be configured securely.
There is in fact a vulnerability that can be used to bypass BitLocker without special hardware – and in principle anyone can exploit it. This post covers the bitpixie attack, why BitLocker’s default mode is vulnerable, and what you can do about it.
Firstly, what exactly is BitLocker? BitLocker is Microsoft’s full disk encryption solution. While there are alternative solutions from other companies, my experience shows that BitLocker is the preferred choice for most organizations today. The reasons are straightforward: it’s included at no additional cost and integrates seamlessly with Active Directory and EntraID.
This article will guide you through setting up BitLocker and also go into some of the potential attacks against BitLocker, offering insights into its security features.