Tags
CredentialsAuthentication
ATT&CK Tactic
Credential Access (TA0006)Initial Access (TA0001)
ATT&CK Technique
https://attack.mitre.org/techniques/T1110/003/
Incidents
Peach Sandstorm targeting AzureMicrosoft email exfiltration by NobeliumSmishing into Entra onto VMWare ransomwareAPT29 Targeting Zimbra and TeamCity ServersUSAID cryptojacking incidentPassword spray attack leads to containers being used for cryptominingTeamFiltration Account Takeover Campaign
Last edited
May 19, 2024 9:44 AM
Status
Stub
Defenses
Multi-Factor Authentication (MFA)Password PoliciesWeak Password DetectionSecurity KeysBastion Host
Password spraying involves attempting to sign in to many accounts while guessing passwords from a list of the most likely options. This attack relies on the assumption that at least some accounts will be using insecure passwords.
Compare this to brute-forcing, which involves guessing many passwords against a single account, in a way that is usually more apparent in logs.