Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations - SOC Prime
Tags
country: China North Korea Iran
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Email Accounts - T1585.002 Email Accounts - T1586.002 Impersonation - T1656 Ip Addresses - T1590.005 Password Spraying - T1110.003 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Tool - T1588.002 Brute Force - T1110 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID b8fcb1aa-bcba-4f35-b14f-4e65fdfb0ab4
Fingerprint a5f748d30b82e767
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 21, 2024, 10:46 a.m.
Added to db Oct. 21, 2024, 1:09 p.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations
Title Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations - SOC Prime
Detected Hints/Tags/Attributes 53/3/3
Source URLs
Redirection Url
Details Source https://socprime.com/blog/detect-brute-force-and-credential-access-activity-linked-to-iranian-hackers/
URL Provider
Details Provider Source level domain
Details socprime.com socprime.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 237 SOC Prime https://socprime.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 217 
cve-2020-1472
Details File 6 
domainpasswordspray.ps1
Details File 128 
msedge.exe