The Register
Failing to encrypt sensitive data leaves you wide open to attack. During the recent SonicWall attack spree, intruders bypassed multi-factor authentication (MFA) in at least one case, because a user's recovery codes were left sitting in a plaintext file on their desktop.
Using this access, Akira ransomware affiliates were able to kill victim organizations' endpoint security tools, and steal credentials to impersonate privileged users and maintain persistent access to the compromised networks - in addition to infecting their computers with ransomware.
This made the attacker's job extremely easy, and allowed them to compromise an engineer's credentials and then pivot to at least one other platform used by the victim org.
Huntress, which provides managed security services to small and mid-s
Raw Story
America News
Aljazeera US & Canada
MENZMAG
AlterNet
Law & Crime
FOX 32 Chicago Politics