Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Oct. 17, 2024, 9:49 a.m.

Description

The advisory warns of Iranian cyber actors employing brute force techniques like password spraying and MFA 'push bombing' to compromise user accounts across critical sectors. After gaining access, they gather additional credentials, move laterally, and collect data potentially to sell on cybercriminal forums. It provides tactics, techniques, procedures, indicators of compromise, and mitigation recommendations to strengthen credential security and defend against such threats.

Date

Published: Oct. 17, 2024, 9:13 a.m.

Created: Oct. 17, 2024, 9:13 a.m.

Modified: Oct. 17, 2024, 9:49 a.m.

Indicators

09407d2e3ac7d6af13c407d17ec8e51b6d1b1d8271df65ebd0b3ffbab420b2fe

Attack Patterns

Iranian

CVE-2020-1472

Additional Informations

Engineering

Information Technology

Healthcare

Energy

Government