X-Industry

A large-scale brute-force password attack involving nearly 2.8 million IP addresses daily attempts to compromise millions of VPN devices from various companies including Palo Alto Networks, Ivanti, and SonicWall.  Brute force attacks involve threat actors attempting to guess username and password combinations until they find the correct one.  The campaign is highly automated, suggesting the potential involvement of malware or botnets.

Ongoing password attack campaign targets VPN devices - The Sh

The National Security Agency, the FBI and other agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Microsoft Office 365 and other cloud-based services, according to an alert published Thursday.  The campaign, which started in 2019, has targeted "hundreds" of businesses, government agencies and organizations worldwide, mainly in the U.S. and Europe, the NSA reports. The victims include several U.S. Department of Defense unit

Prepared by:  Nicholas Dessanti, UNH Cyber Student Intern

Password security has been a major topic of discussion for all computer and web site users.  Today, hackers are exploiting vulnerabilities within user passwords in many ways.  Brute force attacks are the most common way hackers use to find passwords.  Another common method is called a dictionary attack.  Both brute force and dictionary attacks systematically check all possible passwords until the correct one is found.  Hashing algorithms a