The FBI, CISA, and National Security Agency (NSA) has released a joint cybersecurity advisory that warns of Iranian cyber actors targeting critical infrastructure sectors, including healthcare and energy. Since October 2023, they have used brute force techniques, such as password spraying and multifactor authentication (MFA) “push bombing,” to compromise accounts and gain persistent access. These actors conduct reconnaissance to gather credentials and network information, which they likely sell to cybercriminals. Their tactics include lateral movement via Remote Desktop Protocol (RDP) and exploiting vulnerabilities like the Netlogon exploit. Organizations are urged to enhance cybersecurity measures, including strong passwords and multi-factor authentication, to mitigate these threats. For more details, visit the full guidance here: Joint Cybersecurity Advisory.