• cm0002@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Probably because it’s going to be something boring, like social engineering to get credentials, maybe a disgruntled employee or idiotic security configuration.

      • dependencyinjection@discuss.tchncs.de
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        Boring is subjective. I’m always intrigued by how people gain access.

        Although, I am aware of many of the techniques used I find it fascinating.

        Darknet diaries is a great podcast for these kinds of things.

        • remotelove@lemmy.ca
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Security isn’t really glamorous. Generally, you can just ask someone for their password and they will tell you. This takes a little bit of flair if you are blindly calling a company, but it can still work.

          More often than not, people will just leave a server exposed on the Internet that has bad credentials. AWS makes this really easy to do with EC2, as an example.

          Exotic attacks still happen though. Given that this is an just IPTV service show schedule, my first guess would be a blind SQL injection. That is not really “exotic”. though.