U.S. State Government Network Breached via Former Employee’s Account

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.
« This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point, » the agency said in a joint advisory published