You may have read about this massive hack of government and corporate systems essayed via installations of infected updates? How could this have happened? Surely a big network management concern was employing “best practices” when it came to securing their own electronic infrastructure? Er, maybe not (emphasis added in the quote):
Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”The article goes on to say that solarwinds123 was likely not the skeleton key that the Rooskies used to make free with the company’s software, but sweet baby Jesus on a Popsicle stick, it does suggest a certain brainlessness in the company culture.