SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Tuesday, June 24th, 2025: Telnet/SSH Scan Evolution; Fake Sonicwall Software; File-Fix vs Click-Fix
7 snips
Jun 25, 2025 Discover the intriguing evolution of password brute forcing over the past decade, revealing attackers' changing strategies. Learn about the alarming rise in attempts per scan, despite the consistency in password length. Delve into a new attack method called 'FileFix,' which tricks users into executing dangerous commands. Additionally, explore the trend of threat actors creating counterfeit software, like a fake Sonicwall Netextender, aimed at stealing user credentials. Stay informed on these pressing cybersecurity challenges!
AI Snips
Chapters
Transcript
Episode notes
Brute Force Scan Trends
- Password brute forcing attempts increased from about 10 to 70 username-password pairs per attacker IP since 2018.
- Average attempted password length stayed around eight characters, mostly simple default passwords.
FileFix: Evolution of ClickFix Attack
- A new variant of the ClickFix attack called FileFix leverages file explorer instead of the command prompt.
- This shift may increase victim susceptibility and complicate detection.
Password Length vs Complexity
- The average password length in brute force attacks remains short and simple, often default passwords.
- Longer password length doesn’t necessarily mean stronger passwords if complexity is lacking.