▪️Staff shared specific details of their job roles on LinkedIn. Consider limiting this, especially for financial roles.
▪️Mail gateways allowed inbound phishing emails. Implement industry-leading email filtering, block TLD variations, and create a blacklist of similar domains.
▪️Workstations had RDP services enabled, which can offer ingress points for attackers. Regularly scan for such services and consider closing them off.
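
For the mail gateway finding above, one way to flag TLD variations and similar domains on inbound sender addresses. This is an added example, not part of the original findings; the protected domain `example-corp.com`, the sample senders and all function names are constructed assumptions.

```python
PROTECTED = "example-corp.com"        # constructed placeholder for the organisation's domain
FOLD = str.maketrans("0135", "oles")  # common digit-for-letter swaps

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(sender_domain, protected=PROTECTED):
    """Return 'own', 'tld-variation', 'similar' or 'unrelated'."""
    domain = sender_domain.lower().rstrip(".")
    if domain == protected or domain.endswith("." + protected):
        return "own"                      # exact match or a genuine subdomain
    p_name = protected.split(".")[0]
    labels = domain.split(".")
    if p_name in labels:
        return "tld-variation"            # same name under a different suffix
    for label in labels:
        # Fold digit swaps, then allow one edit (threshold is an assumption)
        if edit_distance(label.translate(FOLD), p_name.translate(FOLD)) <= 1:
            return "similar"
    return "unrelated"

def flag_senders(addresses, protected=PROTECTED):
    """Map each suspicious sender address to its class; own and unrelated are omitted."""
    flagged = {}
    for addr in addresses:
        verdict = classify(addr.rpartition("@")[2], protected)
        if verdict in ("tld-variation", "similar"):
            flagged[addr] = verdict
    return flagged

SAMPLE_SENDERS = [                        # constructed sample data
    "payroll@example-corp.com",
    "noreply@mail.example-corp.com",
    "finance@example-corp.co",
    "ceo@examp1e-corp.com",
    "it-support@exampe-corp.net",
    "sales@partner-supplier.org",
]

if __name__ == "__main__":
    for addr, verdict in flag_senders(SAMPLE_SENDERS).items():
        print(f"{verdict:14} {addr}")
```

The flagged domains can feed the gateway's blacklist; legitimate partner domains that happen to match should be reviewed before blocking.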