this post was submitted on 15 Jul 2024
543 points (96.3% liked)
Cybersecurity - Memes
1977 readers
2 users here now
Only the hottest memes in Cybersecurity
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are very few one click total compromises out there.
Most of the time clicking on the link will get to a phishing page to harvest credentials or prompt to download a zip or pdf which has the actual malware exploit/payload.
True, in many cases there is a whole chain of vulnerabilities and misconfigurations, and everything starts with one phishing mail. For example:
That was the point of this meme. It is not phishing alone that gets the company in trouble, its mostly a series of misconfigurations.
I think that in cyber security, we have to assume that phishing will be successful sometimes - and be prepared when it happens.
Yep and then whatever is trying to execute should be limited by user permissions, app whitelists, EDR / MDR, and a pile of other defenses.