Original release date: August 8, 2019
The Australian Cyber Security Centre (ACSC) has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
The ACSC provides recommendations for organizations to detect and mitigate these types of attacks against their external services, such as webmail, remote desktop access, or cloud-based services.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the ACSC advisory on password spraying attacks and the following CISA tips:
• Choosing and Protecting Passwords
• Supplementing Passwords
This product is provided subject to this Notification and this Privacy & Use policy.
CISA released one Industrial Control Systems (ICS) advisory on October 22, 2024. These advisories provide…
Cisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled…
CISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
This website uses cookies.