The breach occurred because the attacker compromised an employee’s VPN credentials, gaining access to an account that was not protected using a multi-factor authentication solution. The hacker successfully escalated privileges of the compromised credentials. I found it interesting that Avast allowed the hacker to roam free for weeks in order to track their whereabouts and figure out their intentions. They were able to gather that the intruder was extremely sophisticated and tried to cover their tracks to not be detected.
https://www.zdnet.com/article/avast-says-hackers-breached-internal-network-through-compromised-vpn-profile/
Leave a Reply
You must be logged in to post a comment.