DHS and FBI release warning of “Password spraying” attacks

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are releasing a warning related to password spraying attacks, a form of brute force attack. 

According to the alert, malicious actors are increasingly using a form of brute force attack known as “password spraying” to target organizations in the United States and abroad. These campaigns often target single sign-on (SSO) installations as well as email applications.

The DHS and FBI alert describes the attack as follows:

“In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a password-spray attack (also known as the “low-and-slow” method), the malicious actor attempts a single password against many accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.”
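The alert's point is that a per-account lockout counter never fires during a spray, because each account sees only one or two failures. The detection logic below, added here as an illustration and not part of the DHS/FBI alert, contrasts that per-account view with grouping failures by source address and counting distinct accounts hit within a time window; the log format and all addresses and usernames are constructed.

```python
# Added example (not from the DHS/FBI alert): a password-spray detector run
# over constructed authentication log lines.  A classic per-account lockout
# policy sees at most two failures per account and never triggers; grouping
# failures by source address and counting distinct target accounts does.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "<ISO timestamp> <source_ip> <user> <result>"
SAMPLE_LOG = """\
2018-03-27T09:00:01 203.0.113.7 alice FAIL
2018-03-27T09:00:31 203.0.113.7 bob FAIL
2018-03-27T09:01:02 203.0.113.7 carol FAIL
2018-03-27T09:01:33 203.0.113.7 dave FAIL
2018-03-27T09:02:04 203.0.113.7 erin FAIL
2018-03-27T09:02:35 203.0.113.7 frank FAIL
2018-03-27T09:00:10 198.51.100.4 alice FAIL
2018-03-27T09:00:12 198.51.100.4 alice OK
"""

def parse(lines):
    """Turn raw log text into (timestamp, source_ip, user, result) tuples."""
    events = []
    for line in lines.splitlines():
        ts, ip, user, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, result))
    return events

def lockout_candidates(events, threshold=3):
    """Accounts a per-account lockout policy would lock (>= threshold failures)."""
    fails = defaultdict(int)
    for _, _, user, result in events:
        if result == "FAIL":
            fails[user] += 1
    return sorted(u for u, n in fails.items() if n >= threshold)

def spray_sources(events, window=timedelta(minutes=5), min_accounts=5):
    """Map source_ip -> distinct accounts it failed against inside one window,
    for sources that reached min_accounts (the low-and-slow signature)."""
    by_ip = defaultdict(list)
    for ts, ip, user, result in events:
        if result == "FAIL":
            by_ip[ip].append((ts, user))
    flagged = {}
    for ip, fails in by_ip.items():
        fails.sort()
        for i, (start, _) in enumerate(fails):
            users = {u for t, u in fails[i:] if t - start <= window}
            if len(users) >= min_accounts:
                flagged[ip] = max(flagged.get(ip, 0), len(users))
    return flagged
```

On the sample, `lockout_candidates` returns nothing while `spray_sources` flags 203.0.113.7 for hitting six accounts in under three minutes, which is the gap the alert describes.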

This is a similar threat to the Talos report that we highlighted earlier regarding the GoScanSSH malware that targets weak or default passwords on SSH servers. 
