We have the admin login only allowing logins from our HQ (IP limited). Yet, they have all been compromised?
See the following (file / certificate artifacts and entries present in the Postgres database): community.sophos.com/.../436088
Also, the IOCs which were present on our devices are available on OTX at otx.alienvault.com/.../5ea58d525c575eda9f1e5c9c.