Critical Password Warning—2.8 Million Devices Used In New Hack Attack – Forbes
Ongoing brute force password attack against millions confirmed.
Hackers want your password. That’s not too hard to understand in light of the fact that gaining access to accounts and devices is the goal of most cybercriminal campaigns. The methods used to hack your password don’t have to be “the most sophisticated ever,” as seen in recent Gmail attacks; there is often an easier and more efficient way to gain access to the devices and accounts that lead to further compromise: the brute force attack. It has now been confirmed that a genuinely gargantuan brute force password hacking attack is underway, and it’s using 2.8 million already compromised devices in the attempt to compromise more. Here’s what you need to know and do.
Hot on the heels of an FBI warning about brute force attacks against web cameras and digital video recorders, comes the news of a much more concerning and seemingly widespread password hacking campaign. According to the Shadowserver Foundation, which describes itself as “a nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone,” an ongoing bruise force password attack has ramped up the volume to 11 and is now employing up to 2.8 million compromised devices every day to facilitate the attacks against Palo Alto Networks, Ivanti, and SonicWall network edge security devices such as VPNs and firewalls. A Shadowserver Foundation X posting confirmed that there had been a “large increase in web login brute-forcing attacks against edge devices seen last few weeks in our honeypots.”
A Shadowserver Foundation spokesperson told Bleeping Computer that the “attacking IP addresses are spread across many networks and Autonomous Systems and are likely a botnet or some operation associated with residential proxy networks.” In other words, cybercriminals are employing an automated process that uses compromised consumer accounts and devices in order to facilitate such a massive brute force password hack attack.
Consumers and enterprises alike should take steps to make sure they are using strong and unique passwords for all accounts and devices, with two-factor authentication as a second layer of protection against compromise. All devices should be updated with the latest firmware, and you should ensure that all security patches have been implemented.
One Community. Many Voices. Create a free account to share your thoughts.
Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.
In order to do so, please follow the posting rules in our site’s Terms of Service. We’ve summarized some of those key rules below. Simply put, keep it civil.
Your post will be rejected if we notice that it seems to contain:
User accounts will be blocked if we notice or believe that users are engaged in:
So, how can you be a power user?
Thanks for reading our community guidelines. Please read the full list of posting rules found in our site’s Terms of Service.
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
