If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • slazer2auEnglish
    952 months ago

    There are very few one click total compromises out there.

    Most of the time clicking on the link will get to a phishing page to harvest credentials or prompt to download a zip or pdf which has the actual malware exploit/payload.

    • @cron@feddit.orgOP
      402 months ago

      True, in many cases there is a whole chain of vulnerabilities and misconfigurations, and everything starts with one phishing mail. For example:

      • successful phishing
      • VPN without 2FA, allowing the attacker access to company services
      • internal services with vulnerabilities, allowing the attacker to compromise a server
      • permission misconfiguration, allowing lateral movement

      That was the point of this meme. It is not phishing alone that gets the company in trouble, its mostly a series of misconfigurations.

      I think that in cyber security, we have to assume that phishing will be successful sometimes - and be prepared when it happens.

    • BuelldozerA
      42 months ago

      Yep and then whatever is trying to execute should be limited by user permissions, app whitelists, EDR / MDR, and a pile of other defenses.