Attackers can conduct identity reconnaissance against an organization at leisure without being detected, Palo Alto Networks says. Source