Large Organizations have developed teams to test their security. The Red team plays the role of the attacker and the Blue team is the defender.<\/p>\n\n\n\n
Penetration Methods:<\/p>\n\n\n\n
Email is the OG method to get a link\/executable\/InterpreterHack in front of a user to deliver a payload<\/p>\n\n\n\n
Instant Messaging is similar to email with a different transport, same payload<\/p>\n\n\n\n
SMS\/MMS delivery method has typically delivered a QR code, when scanned takes the user to a misleading website. provices a little obfucation. but could be a bare link<\/p>\n\n\n\n
Web portal + weak password \/ no MFA. Think Cloud services like Office365<\/p>\n\n\n\n
Open Inbound TCP ports + vulnerable software. NEVER pass RDP\/TCP3389 to an internal server. I find many Security Camera installers that ask to have ports forwarded so cameras can be monitored from offsite, it’s ironic to have your security system be the cause of the insecurity. Investigate Tailscale, it’s easy to use once you learn the basics.<\/p>\n\n\n\n
<\/p>\n\n\n\n
<\/p>\n\n\n\n