Today, CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by Iranian actors to impact organizations across multiple critical infrastructure sectors.

Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and public health (HPH), government, information technology, engineering, and energy sectors.

CISA and partners recommend critical infrastructure organizations follow the provided guidance, as well as ensure all accounts use strong passwords and register a second form of authentication.

For more information on Iranian state-sponsored threat actor activity, see CISA’s Iran Cyber Threat Overview and Advisories page. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including more recommended baseline protections.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Dark Web Market Revenues Rebound but Sector Fragments

February 29, 2024 0 Comments 0 tags

Chainalysis study of crypto flows reveals darknet markets made $1.7bn in 2023

Read More

Problems with Georgia’s Voter Registration Portal

August 7, 2024 0 Comments 0 tags

It’s possible to cancel other people’s voter registration: On Friday, four days after Georgia Democrats began warning that bad actors could abuse the state’s new online portal for canceling voter

Read More

Upcoming Speaking Engagements

June 14, 2024 0 Comments 0 tags

This is a current list of where and when I am scheduled to speak: I’m appearing on a panel on Society and Democracy at ACM Collective Intelligence in Boston, Massachusetts.

Read More