
Watch out for Password Spraying Attacks...


The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to Network Administrators regarding an increase in Password Spraying attacks.

What is a Password Spraying Attack?

Pretty much exactly what it sounds like. It's a brute-force style attack where a would-be attacker literally sprays passwords at user accounts until one sticks.

By using one password at a time across multiple accounts, the attacker is usually able to remain undetected.

Typical Targets

Attackers go after a wide array of targets including, but not limited to:

  • Webmail
  • Remote Desktop Software
  • Active Directory Federation Services
  • Cloud Services (e.g. Office 365)

What to Look For

  • A high number of authentication attempts within a set period of time
  • Large numbers of bad usernames
  • High number of account lockouts within a set period of time
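
The indicators above can be checked against authentication logs. The following is an added example, not code from CISA or this blog: it flags any source whose failed logins touch many distinct accounts inside a time window. The event format, result labels, thresholds and sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): (time, source IP, username, result).
# Assumed result labels: OK, BAD_PASSWORD, UNKNOWN_USER, LOCKED_OUT.
def _sample():
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    users = ["alice", "bob", "carol", "dave", "erin", "frank", "nosuch1", "nosuch2"]
    events = []
    for i, user in enumerate(users):          # one failure per account, 20 s apart
        result = "UNKNOWN_USER" if user.startswith("nosuch") else "BAD_PASSWORD"
        events.append((t0 + timedelta(seconds=20 * i), "198.51.100.7", user, result))
    for i in range(3):                        # an ordinary user mistyping a password
        events.append((t0 + timedelta(minutes=i), "192.0.2.10", "alice", "BAD_PASSWORD"))
    events.append((t0 + timedelta(minutes=4), "192.0.2.10", "alice", "OK"))
    return events

SAMPLE_EVENTS = _sample()

def detect_spray(events, window=timedelta(minutes=30), min_accounts=5):
    """Flag sources whose failures hit many distinct accounts within `window`."""
    by_source = defaultdict(list)
    for ts, src, user, result in events:
        if result != "OK":
            by_source[src].append((ts, user, result))
    findings = []
    for src, fails in by_source.items():
        fails.sort()                          # chronological order per source
        best, start = None, 0
        for end in range(len(fails)):         # sliding window over the failures
            while fails[end][0] - fails[start][0] > window:
                start += 1
            span = fails[start:end + 1]
            accounts = {u for _, u, _ in span}
            if best is None or len(accounts) > best["accounts"]:
                best = {
                    "source": src,
                    "accounts": len(accounts),
                    "attempts": len(span),
                    "unknown_users": sum(r == "UNKNOWN_USER" for _, _, r in span),
                    "lockouts": sum(r == "LOCKED_OUT" for _, _, r in span),
                }
        if best["accounts"] >= min_accounts:
            findings.append(best)
    return findings

if __name__ == "__main__":
    for finding in detect_spray(SAMPLE_EVENTS):
        print(finding)
```

A per-source rule does not see failures spread over many addresses, so the same window count is also worth running over all failures combined.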

How to Stop a Password Spraying Attack

  • Implement multifactor authentication
  • Use complex passwords
  • Implement a strong password reset policy
  • Increase alerting and monitoring
