Iranian hackers breach defense orgs in password spray attacks (Security News, September 2023)

Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023.
"Between February and July 2023, Peach Sandstorm carried out a wave of password spray attacks attempting to authenticate to thousands of environments," the Microsoft Threat Intelligence team said.
In password spray attacks, threat actors try to log in to many accounts using a single password or a list of commonly employed passwords.
As Microsoft's Identity Security Director, Alex Weinert, said three years ago, password spray attacks are among the most popular authentication attacks, amounting to more than a third of enterprise account compromises.
In July 2021, the NSA said the Russian APT28 military hacking group targeted the U.S. government and Department of Defense agencies in password spray attacks launched from Kubernetes clusters.
Months later, in October 2021, Microsoft also spotted the Iran-linked DEV-0343 and the Russian-sponsored Nobelium groups breaching defense tech companies and managed service providers in password spray attacks.
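A defender-side view of the pattern defined above (one password tried against many accounts), as an added example that is not from Microsoft or the original article: it flags a source that fails against many distinct accounts with few attempts each, and lists accounts that then signed in successfully from that source. The log format, field names, sample records and thresholds are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sign-in records (hypothetical format): timestamp, source IP, account, outcome.
SAMPLE_LOG = """\
2023-03-01T09:00:05 198.51.100.7 alice FAIL
2023-03-01T09:00:41 198.51.100.7 bob FAIL
2023-03-01T09:01:17 198.51.100.7 carol FAIL
2023-03-01T09:01:52 198.51.100.7 dave FAIL
2023-03-01T09:02:30 198.51.100.7 erin FAIL
2023-03-01T09:03:02 198.51.100.7 frank OK
2023-03-01T09:10:00 203.0.113.9 alice FAIL
2023-03-01T09:10:03 203.0.113.9 alice FAIL
2023-03-01T09:10:06 203.0.113.9 alice FAIL
2023-03-01T09:10:09 203.0.113.9 alice FAIL
2023-03-01T09:10:12 203.0.113.9 alice FAIL
2023-03-01T09:20:00 192.0.2.44 bob FAIL
2023-03-01T09:20:20 192.0.2.44 bob OK
"""

def parse(log):
    # Yield (timestamp, source_ip, account, success) for each non-empty line.
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, ip, user, outcome = line.split()
        yield datetime.fromisoformat(ts), ip, user, outcome == "OK"

def detect_spray(events, window=timedelta(minutes=30), min_accounts=5, max_per_account=2):
    # Thresholds are assumed values; tune them to the environment's normal failure rate.
    by_ip = defaultdict(list)
    for ev in sorted(events):
        by_ip[ev[1]].append(ev)
    findings = {}
    for ip, evs in by_ip.items():
        fails = [(ts, user) for ts, _, user, ok in evs if not ok]
        start = 0
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1  # slide the window forward
            per_account = Counter(u for _, u in fails[start:end + 1])
            # Spray: wide across accounts, shallow per account (unlike single-account brute force).
            if len(per_account) >= min_accounts and max(per_account.values()) <= max_per_account:
                first = fails[start][0]
                hits = sorted({u for ts, _, u, ok in evs if ok and ts >= first})
                findings[ip] = {"targeted": sorted(per_account), "succeeded": hits}
                break
    return findings
```

Grouping by source address alone will miss a spray spread across many sources; the same wide-and-shallow counting can be keyed on other fields the sign-in log provides.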