CISA says unnamed US federal agency got hacked, attacker used valid credentials for users' Microsoft 365 and domain admin accounts

xeni · September 24, 2020, 8:24pm

spatley · September 25, 2020, 2:35am

It undoubtedly would have avoided this particular vector.

dragonfrog · September 25, 2020, 6:31pm

Using people’s legitimate credentials is definitely not an “unusual method” of hacking - it’s by far the most common one.

system · September 29, 2020, 8:24pm

This topic was automatically closed after 5 days. New replies are no longer allowed.

Topic		Replies	Views
Equifax used "admin/admin" as login and pass for an unencrypted server full of your personal data boing	18	985	October 27, 2019
Chinese hackers pwned computers that house data for all federal employees boing	2	1083	July 15, 2014
Who really hacked the DNC? boing	21	3388	June 21, 2016
UL has a new, opaque certification process for cybersecurity boing	3	1187	April 18, 2016
Dell apologizes for preinstalling bogus root-certificate on computers boing	20	1981	November 29, 2015