
Iranian Hackers Have Been ‘Password-Spraying’ the US Grid

Bottom Feeder

#1
WIRED

In the wake of the US assassination of Iranian general Qasem Soleimani and the retaliatory missile strike that followed, Iran-watchers have warned that the country could deploy cyberattacks as well, perhaps even targeting US critical infrastructure like the electric grid.

On Thursday morning, industrial control system security firm Dragos detailed newly revealed hacking activity that it has tracked and attributed to a group of state-sponsored hackers it calls Magnallium. The same group is also known as APT33, Refined Kitten, or Elfin, and has previously been linked to Iran. Dragos says it has observed Magnallium carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms.

Dragos declined to comment on whether any of those activities resulted in actual breaches. But given the threat of Iranian counterattacks, infrastructure owners should nonetheless be aware of the campaign.

Iran's hackers have reportedly breached US electric utilities before, laying the groundwork for potential attacks on US electric utilities, as have Russia and China. US hackers do the same in other countries as well. But this wave of grid probing would represent a newer campaign.

Dragos declined to share the details of the VPN vulnerabilities it observed Parisite attempting to exploit. But ZDNet today reported separately that Iranian hackers exploited vulnerabilities in either a Pulse Secure or Fortinet VPN server to plant wiper malware inside Bahrain's national oil firm, Bapco.
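
For defenders reading the article quoted above, here is an added detection example (not part of the original post or the WIRED article) showing how password spraying differs from single-account brute force in authentication logs: many accounts, few guesses each. The log format, the thresholds and the per-source grouping are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real logs): ISO timestamp, source IP, account, outcome.
SAMPLE_LOG = """\
2020-01-09T08:00:01 198.51.100.7 alice FAIL
2020-01-09T08:00:03 198.51.100.7 bob FAIL
2020-01-09T08:00:05 198.51.100.7 carol FAIL
2020-01-09T08:00:07 198.51.100.7 dave FAIL
2020-01-09T08:00:09 198.51.100.7 erin FAIL
2020-01-09T08:00:11 198.51.100.7 frank OK
2020-01-09T08:01:00 203.0.113.20 alice FAIL
2020-01-09T08:01:02 203.0.113.20 alice FAIL
2020-01-09T08:01:04 203.0.113.20 alice FAIL
2020-01-09T08:01:06 203.0.113.20 alice FAIL
2020-01-09T09:30:00 192.0.2.44 grace FAIL
2020-01-09T09:30:20 192.0.2.44 grace OK
"""

def parse(log_text):
    """Yield (time, source, account, succeeded) for each non-empty line."""
    for line in log_text.splitlines():
        if line.strip():
            ts, src, user, outcome = line.split()
            yield datetime.fromisoformat(ts), src, user, outcome == "OK"

def find_spraying(log_text, window=timedelta(minutes=10),
                  min_accounts=5, max_tries_per_account=2):
    """Flag sources that fail against many accounts with few guesses each."""
    failures = defaultdict(list)   # source -> [(time, account)]
    successes = defaultdict(list)
    for when, src, user, ok in parse(log_text):
        (successes if ok else failures)[src].append((when, user))
    alerts = {}
    for src, events in failures.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            tries = defaultdict(int)
            for when, user in events[i:]:
                if when - start > window:
                    break
                tries[user] += 1
            if (len(tries) >= min_accounts
                    and max(tries.values()) <= max_tries_per_account):
                # A success from the same source after the window opens needs review.
                hits = sorted({u for t, u in successes[src] if t >= start})
                alerts[src] = {"accounts_tried": sorted(tries), "succeeded": hits}
                break
    return alerts
```

On the sample data only the first source is flagged; the repeated guesses against one account and the single mistyped login are not, because they would trip per-account lockout rules rather than this check.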
 

TAEZZAR

#4
I once had a Yahoo email acct & they pissed me off. I changed my P/W to "fuckyouyahoo" & it worked!
 

Aurumag

#6
I once had a Yahoo email acct & they pissed me off. I changed my P/W to "fuckyouyahoo" & it worked!
I will not divulge any passwords here, but suffice to say:

Your password can say ANYTHING, so long as it complies with the PW required standards.

Back in the early days of network admin, the following were very popular:

password

asecret (as in, your password is a secret)

123456