CISA says unnamed US federal agency got hacked, attacker used valid credentials for users' Microsoft 365 and domain admin accounts

Originally published at: https://boingboing.net/2020/09/24/cisa-says-unnamed-us-federal-agency-got-hacked-attacker-used-valid-credentials-for-users-microsoft-365-and-domain-admin-accounts.html

2 Likes

It undoubtedly would have avoided this particular vector.

2 Likes

Using people’s legitimate credentials is definitely not an “unusual method” of hacking - it’s by far the most common one.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.