Tag

Password-Spraying

3 briefs RSS

Threat Actors Use Claude AI to Target Water Utility OT Assets

An unidentified threat actor used Claude AI to identify and target a vNode SCADA/IIoT management interface at a Mexican water utility between December 2025 and February 2026, ultimately failing to gain access.

AI OT SCADA password-spraying reconnaissance

2r 2t May 7, 2026

low advisory

Spike in Successful Logon Events from a Source IP

2 rules 3 TTPs

A machine learning job detected a spike in successful authentication events from a source IP address, which can indicate password spraying, user enumeration, or brute force activity, potentially leading to credential access.

credential-access defense-evasion brute-force password-spraying

2r 3t Apr 2, 2026

medium advisory

Multiple Logon Failure from the Same Source Address

2 rules 2 TTPs

Detection of multiple consecutive logon failures from the same source address within a short time interval on Windows systems, indicating potential brute force or password spraying attacks targeting multiple user accounts.

Windows credential-access brute-force password-spraying

2r 2t Jan 29, 2024