Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Be careful what you pwish for – Phishing in PWA applications" --> "... stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints ..." --> "... attack, detected in July 2024, involved infiltrating the target network via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA), with the threat actors conducting post-exploitation actions 18 days after initial access took place ..." --> "... Once the attacker reached the domain controller in question ..." VG Bernd [0] https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler@itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/c/ITCenterRWTHAachen