Breached Colonial VPN password was complex, but reused

The compromised VPN password that allowed DarkSide operators to get into Colonial Pipeline’s network had been used on multiple websites, according to new insights into the attack.

The revelation was made by Charles Carmakal, senior vice president and CTO at Mandiant, which is the incident response division of cybersecurity firm FireEye that has been roped in to assist with the investigation into Colonial’s ransomware attack.

Source link