TECH NEWS

Zombie user account let hackers control the city’s water

https://image.theregister.com/5243744.jpg?imageId=5243744&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Failing to disable a former employee’s account was a huge mistake

PWNED Welcome once again to PWNED, the column where security flubs are held up to the harsh, piercing red light of the vulture signal. This week’s sad story concerns a municipality that failed to perform basic account housekeeping and paid for it dearly.

Have a story about someone leaving a gaping hole in their network? Share it with us at pwned@sitpub.com. Anonymity is available upon request.

Our tale of tech missteps comes courtesy of Nicole Beckwith, who serves as the senior director for security engineering and operations at Cribl, an AI platform for telemetry. She used to work as a consultant, and at one point was hired to investigate breaches in an American city’s network.

A threat actor took a “leisurely tour” of the city’s online resources and had started messing around with conference room projectors and...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more