tr-24-052-001 (1)

12385749895?profile=RESIZE_400xThe US Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee.  "This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point," the agency said in a joint advisory published 15 February 2024 alongside the Multi-State Information Sharing and Analysis Center (MS-ISAC).  "The threat actor