Iran-linked adversaries aim to steal credentials and network information, which can be sold to cybercriminals to facilitate further access.
U.S. state agencies and international partners warn of a surge in credential access and brute-force attacks by Iranian state-sponsored adversaries.
Iranian-backed hackers are creating significant challenges for the global cybersecurity landscape through persistent attack strategies.
Adversaries apply multiple brute-force attack techniques and credential access activity to target critical infrastructure organizations.
Iranian hackers have been employing brute-force techniques, including password spraying and MFA "push bombing", to compromise user accounts and gain access to organizations.
Iranian hackers also leveraged RDP for lateral movement and employed open-source tools and methods such as Kerberos SPN enumeration and Active Directory directory dumps via the Microsoft Graph API.
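The two brute-force patterns described above leave distinct traces in authentication logs: a spray is a single source touching many accounts with few attempts each, and push bombing is a burst of MFA prompts to one account. The following is an added example, not code from the original post or from SOC Prime; the event format and the sample entries are constructed assumptions, and the thresholds are illustrative.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample auth events (not from any real environment): one source
# trying a guess against many accounts, then a burst of MFA pushes to one user.
EVENTS = [
    ("2024-10-16T09:00:01", "alice", "203.0.113.5", "login_failure"),
    ("2024-10-16T09:00:04", "bob",   "203.0.113.5", "login_failure"),
    ("2024-10-16T09:00:07", "carol", "203.0.113.5", "login_failure"),
    ("2024-10-16T09:00:10", "dave",  "203.0.113.5", "login_failure"),
    ("2024-10-16T09:00:13", "erin",  "203.0.113.5", "login_failure"),
    ("2024-10-16T09:05:00", "frank", "198.51.100.9", "login_failure"),
    ("2024-10-16T09:30:00", "erin",  "203.0.113.5", "mfa_push"),
    ("2024-10-16T09:30:40", "erin",  "203.0.113.5", "mfa_push"),
    ("2024-10-16T09:31:15", "erin",  "203.0.113.5", "mfa_push"),
]

def _in_window(items, i, window):
    # Entries from index i whose timestamp lies within `window` of entry i.
    return [x for x in items[i:] if x[0] - items[i][0] <= window]

def detect_password_spray(events, min_users=5, window=timedelta(minutes=10)):
    # Spraying: few attempts per account, many accounts per source.
    by_src = defaultdict(list)
    for ts, user, src, kind in events:
        if kind == "login_failure":
            by_src[src].append((datetime.fromisoformat(ts), user))
    flagged = set()
    for src, attempts in by_src.items():
        attempts.sort()
        for i in range(len(attempts)):
            if len({u for _, u in _in_window(attempts, i, window)}) >= min_users:
                flagged.add(src)
                break
    return flagged

def detect_push_bombing(events, min_prompts=3, window=timedelta(minutes=5)):
    # A burst of MFA prompts to one account is the signature of push bombing.
    by_user = defaultdict(list)
    for ts, user, src, kind in events:
        if kind == "mfa_push":
            by_user[user].append((datetime.fromisoformat(ts), src))
    flagged = set()
    for user, prompts in by_user.items():
        prompts.sort()
        for i in range(len(prompts)):
            if len(_in_window(prompts, i, window)) >= min_prompts:
                flagged.add(user)
                break
    return flagged
```

Per-account lockout counters miss the spray pattern because each account sees only one failure; grouping by source is what surfaces it.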
SOC Prime Platform offers a complete product suite for advanced threat detection, AI-powered detection engineering, and automated threat hunting.
To mitigate the risks of brute-force attacks and credential access operations affiliated with Iran-backed adversary activity, cyber defenders recommend ensuring that IT helpdesk password management follows company policies.
It is crucial to bolster proactive cyber defense measures against Iranian hackers.
SOC Prime Platform for collective cyber defense equips progressive organizations with a feasible solution to proactively thwart emerging and existing threats launched by state-sponsored APT groups, ransomware affiliates, and attacks of any other kind.