Iranian cyber actors are targeting critical infrastructure entities via brute force. The advisory states that since October of 2023, Iranian cyber actors have leveraged brute force and password spraying to compromise user accounts, thus gaining access to organizations in government, information technology, energy, engineering and healthcare and public health (HPH) sectors.   Avishai Avivi, CISO at SafeBreach, comments, “The CISA alert of Iranian cyber actors’ brute force and credential access activity is a good reminder — especially during Cybersecurity Awareness Month — that these malicious actors are working to abuse ‘Multifactor Authentication (MFA) Exhaustion.’ If, as a good cyber-aware person, you’ve enabled MFA on your social networking, WhatsApp or other messaging apps, and bank accounts, you may have grown used to getting and approving MFA requests.

Source: Security Magazine