You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
trusted access
About this tag
The trusted access tag covers discussions about security risks arising from authorized third-party access to enterprise systems. A notable thread examines a breach disclosed by Microsoft Incident Response where attackers compromised a trusted IT services provider and abused legitimate HPE Operations Manager and Operations Agent tools to run scripts, deploy web shells, harvest Windows credentials, and maintain persistent access for over 100 days. The content emphasizes that the core vulnerability was not the specific tools but the implicit trust granted to third parties, highlighting the gap between authorized access and actual monitoring. This tag is relevant for Windows administrators and security professionals concerned with managing and auditing trusted access paths in enterprise environments.
Microsoft Incident Response disclosed on May 12, 2026, that attackers compromised a third-party IT services provider and used legitimate HPE Operations Manager and HPE Operations Agent infrastructure to run scripts, deploy web shells, harvest Windows credentials, and tunnel into a victim...