Hackers shoveled snow for company, were rewarded with network admin access
ID: 2aa9907e-1ab8-53cb-9131-2524f5eb424e
STIX ID: report--2aa9907e-1ab8-53cb-9131-2524f5eb424e
Feed Name: The Register (Security)
A professional red team bypassed physical security and network controls at a client site by posing as new IT staff and shoveling snow, planted a hidden Raspberry Pi on an unprotected conference-room Ethernet port, and over two weeks used password spraying and exploitation of AD Certificate Services (multiple ESC template/CA weaknesses) to escalate to domain administrator; the report highlights failures in badge/visitor checks, network access control, weak password policy, and lack of MFA.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
