With the Colonial Pipeline attack, the initial infection point was reportedly an old, unused, but still open VPN account. The password had been found on the dark web rather than obtained via phishing, implying that it had been leaked or reused by a Colonial employee. These four tips will help eliminate easy attacker access to your Windows network. One tool I recommend to find old and unused computer accounts in Active Directory is OldComp. You can use PowerShell to locate inactive user accounts or determine who hasnt logged in 90 days or more.”]