Information
Over time, system administration errors and changes can lead to groups being defined in /etc/passwd but not in /etc/group .
Rationale:
Groups defined in the /etc/passwd file but not in the /etc/group file pose a threat to system security since group permissions are not properly managed.
Solution
Analyze the output of the Audit step above and perform the appropriate action to correct any discrepancies found.
MITRE ATT&CK Mappings:
Techniques / Sub-techniques
Tactics
Mitigations
T1222, T1222.002
TA0003
M1027