If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • slazer2au
    link
    fedilink
    English
    965 months ago

    There are very few one click total compromises out there.

    Most of the time clicking on the link will get to a phishing page to harvest credentials or prompt to download a zip or pdf which has the actual malware exploit/payload.

    • @[email protected]OP
      link
      fedilink
      415 months ago

      True, in many cases there is a whole chain of vulnerabilities and misconfigurations, and everything starts with one phishing mail. For example:

      • successful phishing
      • VPN without 2FA, allowing the attacker access to company services
      • internal services with vulnerabilities, allowing the attacker to compromise a server
      • permission misconfiguration, allowing lateral movement

      That was the point of this meme. It is not phishing alone that gets the company in trouble, its mostly a series of misconfigurations.

      I think that in cyber security, we have to assume that phishing will be successful sometimes - and be prepared when it happens.

    • Buelldozer
      link
      fedilink
      45 months ago

      Yep and then whatever is trying to execute should be limited by user permissions, app whitelists, EDR / MDR, and a pile of other defenses.