Security researchers worldwide are warning of a large-scale brute force attack underway, using nearly 2.8 million IP addresses to attempt to guess login credentials for a variety of network devices, including those from Palo Alto Networks, Ivanti, and SonicWall.
A brute force attack occurs when a threat actor attempts to log in to an account or device multiple times using multiple usernames and passwords until they find the correct combination. Once they have the correct credentials, they can take control of the device or gain access to the network.
According to a new report from threat monitoring platform The Shadowserver Foundation, there has been a brute force attack going on since last month, using nearly 2.8 million source IP addresses per day to carry out the attacks.
The majority of those IP addresses (1.1 million) come from Brazil, followed by Turkey, Russia, Argentina, Morocco, and Mexico. But overall, there are a wide range of countries involved.
The primary targets are edge security devices such as firewalls, VPNs, gateways, and other security components, which are often directly connected to the internet to support remote access.
The devices carrying out these attacks are mainly routers and IoT devices from MikroTik, Huawei, Cisco, Boa, and ZTE, which are often compromised by large-scale malware botnets. The Shadowserver Foundation confirmed that this activity has been going on for some time, but has recently suddenly increased in scale.
ShadowServer also said that the attack IP addresses were distributed across multiple networks and Autonomous Systems (AS), and were likely a botnet or a residential proxy network-related operation.
Residential proxies are IP addresses assigned to individual customers by Internet Service Providers (ISPs), making them attractive to cybercriminals, data collection, geo-restriction bypass, advertising verification, online transactions, and more.
These proxies route internet traffic through residential networks, making users appear like regular family members instead of bots, data collectors, or hackers.
Gateway devices like those targeted in this operation can be used as proxy exit nodes in residential proxy operations, routing malicious traffic through an organization's corporate network.
Measures to protect devices from brute force attacks
To protect edge devices from brute force attacks, the following steps should be taken:
Additionally, keeping your device updated with the latest firmware and security patches is important to eliminate vulnerabilities that attackers can abuse to gain initial access.
Do you remember how many times you installed an app, quickly tapped Allow on the prompt asking for photo access, and moved on without a second thought?
These days, users can pay to protect all their devices – whether it’s a PC, Mac, or smartphone. But with so many options on the market today, it can be hard to know where to start. Here’s a list of the best internet security suites available today.
Microsoft Office has supported ActiveX for years as an option for document extensibility and automation, but it's also a serious security vulnerability.
When you turn this feature off, only registered accounts can use your Chromebook. It's super simple to do.
Security and privacy are increasingly becoming major concerns for smartphone users in general.
The world-famous cybersecurity company Fortinet has just officially confirmed that a large amount of user data was stolen from the company's Microsoft Sharepoint server, and was posted on a hacker forum early in the morning of September 15.
A new strain of ransomware called Qilin has been discovered using a relatively sophisticated, highly customizable tactic to steal account login information stored in the Google Chrome browser.
Some high-end smartphones are now gradually moving users from password and fingerprint security authentication to more convenient facial recognition technology.
Gmail just turned 21, and Google chose to celebrate its special birthday by launching a very meaningful feature for users: an extremely easy and useful automatic email encryption feature.
Discover what a SIM PIN is, its security features, and why you should use it for your mobile device. Learn more about SIM PIN and enhance your security today.
Learn how to enable two-factor authentication for your Blizzard account, and use the Blizzard Authenticator app or SMS Protect to log in securely. Protect your favorite games like World of Warcraft, Overwatch, Hearthstone, or Diablo 3.
The article tested 3 different passwords with an open source password cracking tool to find out which method really works when it comes to password security.
It can be said that the photo library and message archive are two of the most private locations that need to be tightly secured on Android smartphones and tablets.
To ensure better security, devices running Android 10 and above will use random WiFi MAC addresses by default.
In addition to regular exercise and not smoking, diet is one of the best ways to protect your heart. Here are the best diets for heart health.
Diet is important to our health. Yet most of our meals are lacking in these six important nutrients.
At first glance, AirPods look just like any other true wireless earbuds. But that all changed when a few little-known features were discovered.
In this article, we will guide you how to regain access to your hard drive when it fails. Let's follow along!
Dental floss is a common tool for cleaning teeth, however, not everyone knows how to use it properly. Below are instructions on how to use dental floss to clean teeth effectively.
Building muscle takes time and the right training, but its something anyone can do. Heres how to build muscle, according to experts.
The third trimester is often the most difficult time to sleep during pregnancy. Here are some ways to treat insomnia in the third trimester.
There are many ways to lose weight without changing anything in your diet. Here are some scientifically proven automatic weight loss or calorie-burning methods that anyone can use.
Apple has introduced iOS 26 – a major update with a brand new frosted glass design, smarter experiences, and improvements to familiar apps.
Yoga can provide many health benefits, including better sleep. Because yoga can be relaxing and restorative, its a great way to beat insomnia after a busy day.
The flower of the other shore is a unique flower, carrying many unique meanings. So what is the flower of the other shore, is the flower of the other shore real, what is the meaning and legend of the flower of the other shore?
Craving for snacks but afraid of gaining weight? Dont worry, lets explore together many types of weight loss snacks that are high in fiber, low in calories without making you try to starve yourself.
Prioritizing a consistent sleep schedule and evening routine can help improve the quality of your sleep. Heres what you need to know to stop tossing and turning at night.
Adding a printer to Windows 10 is simple, although the process for wired devices will be different than for wireless devices.
You want to have a beautiful, shiny, healthy nail quickly. The simple tips for beautiful nails below will be useful for you.
