Intel Name: Iranian cyber actors use brute force to compromise critical infrastructure organizations
Date of Scan: October 17, 2024
Impact: High
Summary: A joint advisory from various U.S. and Canadian cybersecurity agencies warns that Iranian cyber actors are using brute force techniques, including password spraying and multifactor authentication (MFA) ‘push bombing,’ to compromise organizations in critical infrastructure sectors such as healthcare, government, and energy. These actors modify MFA registrations for persistent access and conduct network discovery to gather additional credentials. The information they obtain is likely sold on cybercriminal forums for further malicious activities.
