When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The researchers also said they saw servers hosted in SharkTech being used for the campaigns C2.
SharkTech is allegedly a US-based provider thats hosted malicious activity in the past.
This helps the attackers avoid being detected by traditional security controls.
Typically, password spraying results in lockouts that alert security teams, the researchers explain.
Furthermore, they should monitor for stolen credentials linked to their organizations, and implement conditional access policies.
Organizations cannot afford to assume that MFA alone is a sufficient defense.
Understanding the nuances of non-interactive logins is crucial to closing these gaps.
