@JoelGratcyk @TwitterChicago Either a rogue employee or something like a complete takeover of someone’s machine. Able to bypass a lot of restrictions that way, keystroke logger installed to get the password for their password tracker, some of them let you store 2fa within it, etc.