After a recent breach, an organization determined that phishing was used to gain initial access to the network before regaining persistence. The information gained from the phishing attack was a result of users visiting known malicious websites. What must be done in order to prevent this from happening in the future
The organization could make it so that specific websutes that seem fake/unsafe are not accessible to the users. For example, downloading an extension into all the devices, that blocks these malicious websites (uBlock Origin)
