Defeat Domain User Spraying & Brute Forcing of Passwords

December 28, 2011

This post comes to you from Lamar Spells of http://foxtrot7security.blogspot.com/.
A while back, LaNMaSteR53 (Tim Tomes) discussed a method for brute forcing domain default passwords while avoiding account lockout. This discussion was in response to a video by Dave Hoelzer on using PowerShell to hack domain user accounts.

An In-Depth Guide to Identity

Get essential knowledge and practical strategies to fortify your identity security.

Learn More

Tim Tomes

Identity

North Korean hackers targeting workers in nuclear power sector

Shaun NicholsDecember 20, 2024

Threat actors associated with the notorious North Korean hacking outfit Lazarus Group are now setting their sites on targets in the nuclear power sector

DocuSign mobile app login page is seen on a smartphone.

Identity

Fake DocuSign docs used to secure corporate credentials in mishing campaign

Steve ZurierDecember 20, 2024

DocuSign campaign one of many mobile phishing campaigns that aim to steal corporate credentials from top executives.

Breach

Over 3M Builder.ai records leaked by unprotected database

SC StaffDecember 20, 2024

The misconfigured database also included software development plans, timelines, client interactions, financial records, and communications among Builder.ai's employees.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Defeat Domain User Spraying & Brute Forcing of Passwords

An In-Depth Guide to Identity

Related

North Korean hackers targeting workers in nuclear power sector

Fake DocuSign docs used to secure corporate credentials in mishing campaign

Over 3M Builder.ai records leaked by unprotected database

Related Events

Navigating Complex Third-party Identities: The Hidden Value of B2B IAM

Key Identity Guidance for Late 2024 and Early 2025

Identity Resilience: The Missing Piece to Securing Your Identities

Get daily email updates