Navigation
Recherche
|
Here's what happens if you don't layer network security – or remove unused web shells
vendredi 22 novembre 2024, 02:13 , par TheRegister
TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated
The US Cybersecurity and Infrastructure Agency often breaks into critical organizations' networks – with their permission, of course – to simulate real-world cyber attacks and thereby help improve their security. In one of those recent exercises conducted at a critical infrastructure provider, the Agency exploited a web shell left behind from an earlier bug bounty program, scooped up a bunch of credentials and security keys, moved through the network and ultimately pwned the org's domain and several sensitive business system targets.…
https://go.theregister.com/feed/www.theregister.com/2024/11/22/cisa_red_team_exercise/
Voir aussi |
56 sources (32 en français)
Date Actuelle
lun. 23 déc. - 02:54 CET
|