This isn’t anything like what it’s trying to spark fear over. It requires a credential stuffing attack that needs the following:
A management interface exposed to the internet
A lack of controls related to who can log in and where from
The use of SSLVPN that does not utilize SAML or another form of OAuth
After all of that, and presuming they have a set of working credentials that have not been changed after the credentials were exposed in a breach, can they perform an attack.
Like with anything, working admin credentials will get you to a CLI, and from there you can do a lot. Protect your management interfaces. Do the bare minimum.
Some clickbait nonsense. Genuinely.