I work for a small medical firm nobody has ever heard of. Almost all our employees are targeted within a week of hiring on their personal devices with spearfishing trying to get company creds. It’s insane.
It sounds like they have real-time access to the company directory. Might want to review the logs of accounts with permissions and access to your domain controller.
I work for a small medical firm nobody has ever heard of. Almost all our employees are targeted within a week of hiring on their personal devices with spearfishing trying to get company creds. It’s insane.
It sounds like they have real-time access to the company directory. Might want to review the logs of accounts with permissions and access to your domain controller.