2. CONTENT
• WHAT IS PASSWORD SPRAYING
• DETAILS OF PASSWORD SPRAYING
• VARIOUS PASSWORD SPRAYING ATTACKS
3. WHAT IS PASSWOARD SPRAYING
Password Spraying, is also known as a reverse brute force attack
A Password Spray tries only a few of the most common passwords
against multiple user accounts, trying to identify that one person
who is using 'Password1' or 'Summer2017'.
4. DETAILS OF PASSWORD SPRAYING
Password spraying occurs when an attacker tests a single password
against multiple user accounts at an organization.
By hitting multiple accounts, the method can test a lot of user
names without triggering account-lockout protections that kick in
when a single user account gets hit with multiple password attempts
in a row.
5. CITRIX ATTACK
Citrix Hacked by Password-Spraying Attackers, FBI Warns
Hackers may have accessed and downloaded business documents," Stan Black, Citrix's chief security and
information officer, said in a Friday blog post. "The specific documents that may have been accessed,
however, are currently unknown.
Cybersecurity and intelligence firm Resecurity, based in Los Angeles, said that Citrix was hit as part of a
hacking campaign that it believes is being run by Iridium, which is its name for an advanced persistent
threat group apparently operating from Iran.
The attack campaign has hit more than 200 organizations, ranging from technology firms such as Cisco, to
government agencies, defense contractors, financial services firms and oil and gas firms.
Iridium had been behind the recent, attempted breach of the Australian Parliament's network, which led to
all lawmakers being required to reset their passwords (see: Hack Attack Breaches Australian Parliament
Network).
Resecurity said it had tied the same group to a 2017 attack against the U.K. Parliament that compromised
about 90 accounts
Citrix Systems says it's investigating an apparent penetration of its network and theft of business documents by hackers.
Hackers may have accessed and downloaded business documents," Stan Black, Citrix's chief security and information officer, said in a Friday blog post. "The specific documents that may have been accessed, however, are currently unknown.
The FBI believes the technology company's network was penetrated using "password spraying,"