Thursday, May 27, 2021

Stories from the SOC - SSH brute force authentication attempt tactic

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.
Executive Summary
An SSH Brute Force attack is a form of cybersecurity attack in which an attacker uses trial and error to guess credentials to access a server. Unlike a lot of other tactics used by cybercriminals, brute force attacks aren’t reliant on existing vulnerabilities. Instead, cybercriminals rely on weak or guessable credentials. Brute Force attacks are fairly simple and have a high success rate, with several tools and programs available for attackers to use. Once an attacker correctly guesses valid credentials, they may be able to view, copy, or delete important files or execute malicious code.
The Managed Threat Detection and Response (MTDR) analyst team received 96 alarms for Brute Force…
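As an added illustration (not code from the original post or from AT&T's alarm logic), the sketch below shows one way to detect the pattern described above in OpenSSH password-authentication log lines: a burst of failures from one source, and a successful login that follows such a burst. The threshold, window, function name and sample log lines are assumptions constructed for this example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines (documentation IP ranges), not taken from the post.
SAMPLE_LOG = """\
May 27 10:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 40001 ssh2
May 27 10:00:03 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
May 27 10:00:05 host sshd[103]: Failed password for invalid user test from 203.0.113.7 port 40003 ssh2
May 27 10:00:08 host sshd[104]: Failed password for root from 203.0.113.7 port 40004 ssh2
May 27 10:00:10 host sshd[105]: Failed password for deploy from 203.0.113.7 port 40005 ssh2
May 27 10:00:12 host sshd[106]: Accepted password for deploy from 203.0.113.7 port 40006 ssh2
May 27 10:05:00 host sshd[107]: Failed password for alice from 198.51.100.20 port 51000 ssh2
May 27 10:05:20 host sshd[108]: Accepted password for alice from 198.51.100.20 port 51001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def detect(log_text, threshold=5, window=timedelta(seconds=60), year=2021):
    """Return (kind, source_ip, user) findings; threshold/window are assumed values."""
    failures = defaultdict(deque)   # source IP -> timestamps of recent failures
    alerted = set()                 # IPs already reported, to avoid duplicate alarms
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies it.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip, recent = m["ip"], failures[m["ip"]]
        while recent and ts - recent[0] > window:   # slide the window forward
            recent.popleft()
        if m["result"] == "Failed":
            recent.append(ts)
            if len(recent) >= threshold and ip not in alerted:
                alerted.add(ip)
                findings.append(("brute_force", ip, m["user"]))
        elif len(recent) >= threshold:
            # A login that follows a burst of failures from the same source:
            # the guessed-credential case, which warrants immediate triage.
            findings.append(("success_after_brute_force", ip, m["user"]))
    return findings

if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

The second source in the sample (one mistyped password, then a login) produces no finding, which is the false-positive case the threshold is there to suppress.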

Posted by: Todd Luft

The post Stories from the SOC - SSH brute force authentication attempt tactic appeared first on Cybersecurity Insiders.


May 28, 2021 at 09:09AM
