CISA conducted a probe into a critical infrastructure organization, revealing serious cybersecurity weaknesses including insufficient logging, insecure credential storage, and shared local admin accounts with non-unique passwords. Although no malicious activity was detected, the report emphasized risks such as unrestricted remote access and device misconfigurations. The agency ranked these vulnerabilities, noting that sharing admin accounts whose credentials are stored in plaintext significantly increases the potential for unauthorized access and lateral movement within the network.
"The storage of local admin credentials in plaintext scripts across numerous hosts increases the risk of widespread unauthorized access, and the usage of non-unique passwords facilitates lateral movement throughout the network."
"Threat hunters did not find any signs of foul play, nor any malicious activity on the network, but published an extensive report of its findings on Thursday, highlighting risks such as insufficient logging and insecurely-stored credentials."