Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

The advisory warns of Iranian cyber actors employing brute force techniques like password spraying and MFA 'push bombing' to compromise user accounts across critical sectors. After gaining access, they gather additional credentials, move laterally, and collect data potentially to sell on cybercriminal forums. It provides tactics, techniques, procedures, indicators of compromise, and mitigation recommendations to strengthen credential security and defend against such threats.

OPENCTI LABELS:

infrastructure,malicious,credential,cve-2020-1472,lateral,access


Open in the NetmanageIT OpenCTI public instance with the link below.


NOTE: Use the public read-only username and password shown on the login page banner.


Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations