Fishing for Security: Reeling in Phishing Attacks Across a Global Organization

Phishing an employee , getting their credentials (bypassing MFA ain’t that hard), then using that to gain access to slack/code/vpn/internal-tools and then hunting for leaked credentials to gain access to PII…. sound familiar????

As much as cyber security has advanced, the kill chain of a lot of breaches remains quite simple and unchanged. There is a reason for that, protecting a remote workforce against such attacks is not easy. And no, phishing simulations and then blaming the user for clicking …

access advanced attacks breaches bypassing code credentials cyber cyber security employee fishing global hard hunting internal kill kill chain leaked lot mfa organization phishing phishing attacks pii security slack sound tools vpn