CTI and local authorities: when a single domain name exposes the entire organization
In a local authority, everyone works with the same domain name: @city-X.fr, @county-Y.fr, @metropolis-Z.fr, etc. Civil servants, departments, schools, municipal police, social services, culture, sports, elected officials, sometimes external service providers, etc. The result: hundreds, sometimes thousands of accounts that rely on the same servers, the same portals, the same systems. For an attacker, this […]