Cloud Threat Landscape

Password spraying

Tags: Credentials, Authentication
ATT&CK Tactic: Credential Access (TA0006), Initial Access (TA0001)
ATT&CK Technique: https://attack.mitre.org/techniques/T1110/003/

Incidents
  • Peach Sandstorm targeting Azure
  • Microsoft email exfiltration by Nobelium
  • Smishing into Entra onto VMWare ransomware
  • APT29 Targeting Zimbra and TeamCity Servers
  • USAID cryptojacking incident
  • Password spray attack leads to containers being used for cryptomining
  • TeamFiltration Account Takeover Campaign

Last edited: May 19, 2024 9:44 AM
Status: Stub

Defenses
  • Multi-Factor Authentication (MFA)
  • Password Policies
  • Weak Password Detection
  • Security Keys
  • Bastion Host

Password spraying involves attempting to sign in to many accounts while guessing passwords from a list of the most likely options. This attack relies on the assumption that at least some accounts will be using insecure passwords.

Compare this to brute-forcing, which involves guessing many passwords against a single account, in a way that is usually more apparent in logs.
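
The difference in log shape described above, as an added detection example (not part of the original page): constructed failed sign-in events are counted per account and then grouped by source address. The event layout, the thresholds and the assumption that a spray comes from a single source are illustrative choices.

```python
from collections import Counter, defaultdict

# Constructed failed sign-in events: (minute, source_ip, username). Not real data.
FAILURES = (
    [(i, "198.51.100.7", f"user{i:02d}") for i in range(12)]    # 1 guess on each of 12 accounts
    + [(i, "203.0.113.9", "admin") for i in range(15)]          # 15 guesses on one account
    + [(3, "192.0.2.44", "alice"), (4, "192.0.2.44", "alice")]  # a user mistyping
)

def per_account_alerts(failures, threshold=5):
    """Lockout-style rule: accounts with at least `threshold` failures."""
    counts = Counter(user for _, _, user in failures)
    return sorted(u for u, n in counts.items() if n >= threshold)

def classify_sources(failures, window=30, spray_accounts=10, brute_attempts=10):
    """Label each source by the shape of its failures inside a sliding time window."""
    by_source = defaultdict(list)
    for minute, ip, user in failures:
        by_source[ip].append((minute, user))
    verdicts = {}
    for ip, events in by_source.items():
        events.sort()
        verdict, start = "benign", 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] >= window:
                start += 1  # drop events that fell out of the window
            per_user = Counter(user for _, user in events[start:end + 1])
            if len(per_user) >= spray_accounts:
                verdict = "spray"        # many accounts, few guesses each
                break
            if max(per_user.values()) >= brute_attempts:
                verdict = "brute_force"  # many guesses, one account
        verdicts[ip] = verdict
    return verdicts

if __name__ == "__main__":
    print("per-account rule flags:", per_account_alerts(FAILURES))
    for ip, verdict in sorted(classify_sources(FAILURES).items()):
        print(ip, verdict)
```

The per-account rule flags only the brute-forced account; the sprayed accounts each show a single failure and surface only once failures are grouped by source.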

Last Updated: April 3, 2025