If a single click on a phishing email can ruin the entire company, the blame doesn’t lie with that individual.

  • @Ptsf
    link
    15 months ago

    Oh, of course. But that’s for compromises utilizing tool chains and exploits you’re aware of. Zero day exploits are commonplace nowadays and often utilize complex tool chains to avoid detection or circumvent security posture. It’s all a matter of how sophisticated the attack is and it all becomes a lot easier to do if you’ve got user level run permissions due to some user clicking a phishing email and tossing their creds in it or launching a random pdf with an embedded payload.