- Security researchers from Cisco Talos have warned of large-scale credential brute-force cyber attacks being conducted against SSH, VPN, and web application services worldwide.
- The attacks have disrupted several organizations through account lockouts, unauthorized network access, and denial of service.
Cisco Talos has released a threat advisory that warns organizations about large-scale brute-force cyber attacks targeting SSH, VPN, and web application services worldwide. According to the report, these attacks started around March 18th, and threat actors were using approximately 4,000 IP addresses to carry out the attacks.
These brute force attacks use trial-and-error and password-spraying strategies to enter random login credentials to access accounts. Prior reconnaissance enables greater accuracy and can simultaneously target thousands of accounts. Cisco Talos has recommended that organizations block the list of suspect IP addresses and the 2000 usernames and passwords that have been noticed in these attacks.
See More: Intel and Lenovo Servers Affected by Unpatched BMC Security Flaw
According to the report, the attacks started through proxy services like TOR, Proxy…
?xml>
