The hacker social engineered an employee -> logged into the VPN and scanned their intranet. 👇
Apparently there was an internal network share that contained powershell scripts...
"One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite"
May 23, 2022 • 10 tweets • 3 min read
Information is key.
What sort of information could be in an Airforce Database?
Who would get hurt by that data?
Who would it benefit?
5 years ago, 17-year-old me easily gained access to an Air Force database.