Page 19 - Threat Intelligence 8-16-2019
P. 19
ACSC Releases Advisory on Password Spraying Attacks
The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks.
Password spraying is a type of brute-force attack in which a malicious actor uses a single password
against targeted user accounts before moving on to attempt a second password, and so on. This
technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
The ACSC provides recommendations for organizations to detect and mitigate these types of
attacks against their external services, such as webmail, remote desktop access, or cloud-based
services.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to
review the ACSC advisory on password spraying attacks and the following CISA tips:
• Choosing and Protecting Passwords
• Supplementing Passwords
Vulnerabilities and Indicators of Compromise
➢ Weekly Vulnerability Summary from US-CERT
➢ Talos weekly alerts
➢ We checked and yup, it's no longer 2001. And yet you can pwn a Windows box via
Notepad.exe
➢ Threat actors use a Backdoor and RAT combo to target the Balkans
➢ Vulnerability in Microsoft CTF protocol goes back to Windows XP
➢ New Bluetooth KNOB Flaw Lets Attackers Manipulate Traffic
➢ HVACking: Remotely Exploiting Bugs in Building Control Systems
➢ Trolldesh Ransomware Dropper
➢ Baldr malware unpicked with a little help from crooks’ bad opsec
“The only truly secure system is one that is
powered off, cast in a block of concrete and
sealed in a lead-lined room with armed
guards.”— Gene Spafford
