[umvi]

> we took immediate action, disabling and deleting the account that was compromised

Since this was a privileged account, how can they be sure the attacker didn't use said account to setup more ways to get back in? That's the first thing Kevin Mitnick always did when he pwned a box: setup alternative routes to get in, in case his original door got closed.

[throw777luck]

There is a saying from pentesters about shells: "Two is one and one is none"

[moloch]

Always hack with a safety shell!

[derivagral]

for anyone else: https://en.wikipedia.org/wiki/Kevin_Mitnick

[derwiki]

Offtopic and apologies, but needing to link to Mitnick makes me feel old haha. When I was cutting my teeth on Slashdot in the late 90's, I feel like there was a "Free Kevin" post every week.