This document summarizes two case analyses of hacking incidents at ABC company and provides recommendations. Case 1 involved a phishing attack that obtained admin passwords. Case 2 detailed how hackers used Airmon-ng to access the internal network, nmap to scan servers, and Metasploit to steal passwords and access the SQL database. Recommendations included updating security awareness training, implementing SPF, monitoring networks for malicious activity, disabling LM hashes, enabling account lockouts, and testing disaster recovery plans.