Big Takeaway for Engineering Teams & Business Leadership is -- You can no longer rely on the false sense of security-through-obscurity of your internal designs; attackers are deliberately targeting these for surgical strikes and it is no longer sensible to believe "the bad guys don't know how to attack our complex private internal systems/services because they don't understand how it's put together"; in reality they may very well understand it better than your own employees.
Tanawts (enigma@infosec.exchange)'s status on Saturday, 03-Feb-2024 03:19:04 JST
Tanawts (enigma@infosec.exchange)'s status on Saturday, 03-Feb-2024 03:19:06 JST

There is a reoccurring Tactic, Technique, and Procedure (TTP) that threat actors have been demonstrating as highly effective.
It was most notably used by Lapsus$ and you can see the behavior Copy+Pasted in the majority of recent attacks: Opportunistic Compromise of an account -> Pore over generally unrestricted internal docs/wikis/repos -> obtain design details -> use discovered unremediated creds for informed lateral movement/follow up attacks with more specific deeper objectives/targets.