Friday News
As I stated earlier.The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed.
The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April 29 through the VPN account, which allowed employees to access the company's networks remotely.
The VPN login — which didn't have multi-factor protections on — was unused but active at the time of the attack, the report said, adding the password has since been discovered inside a batch of leaked passwords on the dark web, suggesting that an employee of the company may have reused the same password on another account that was previously breached.
It's, however, unclear how the password was obtained, Charles Carmakal, senior vice president at the cybersecurity firm Mandiant, was quoted as saying to the publication. The FireEye-owned subsidiary is currently assisting Colonial Pipeline with the incident response efforts following a ransomware attack on May 7 that led to the company halting its operations for nearly a week.
Everything Must Be Replaced.
What the Colonial Pipeline, and now JBS hacks tell us about the Cyber market, page-16
Add to My Watchlist
What is My Watchlist?
 (20min delay)
|
|||||
|
Last
0.3¢ |
Change
0.000(0.00%) |
Mkt cap ! $11.63M | |||
| Open | High | Low | Value | Volume |
| 0.0¢ | 0.0¢ | 0.0¢ | $0 | 0 |
| NET (ASX) Chart |
Day chart unavailable