Back Issues This Week → Calendar → Current Issue → Popular →

All issuesVolume 340, Issue 1IT NewsHumor

Hackers Shoveled Snow for Company, Were Rewarded With Network Admin Access

The Register, Thursday, July 2nd, 2026

Red teamers gained network admin access via social engineering and physical security gaps at a client site.

Two offensive security consultants ran a penetration test by exploiting social engineering and physical security gaps.

After offering to shovel snow, they gained building access and planted a Raspberry Pi on an unprotected network port, remaining undetected for two weeks.

During that time they found the company used weak passwords like winter2023! across 50-60 accounts and multiple Active Directory Certificate Services vulnerabilities.

They ultimately obtained domain administrative access. The incident highlights inadequate security awareness training, unrestricted network ports, and the absence of strong password policies and multi-factor authentication.

more →  ·  More from Humor →