Here's what happens if you don't layer network security – or remove unused web shells

TL;DR: Attackers will break in and pwn you, as a US government red team demonstrated

The US Cybersecurity and Infrastructure Agency often breaks into critical organizations' networks - with their permission, of course - to simulate real-world cyber attacks and thereby help improve their security. In one of those recent exercises conducted at a critical infrastructure provider, the Agency exploited a web shell left behind from an earlier bug bounty program, scooped up a bunch of credentials and security keys, moved through the network and ultimately pwned the org's domain and several sensitive business system targets....