/
Console Brute Force Detected

Console Brute Force Detected

Owned by Former user (Deleted)
Apr 30, 2020
1 min read

As a cloud service, access to the AWS console authentication page is open to the world. With the availability of authentication open to the world, attackers will attempt a variety of techniques to get in. Luckily, accounts provisioned by CUIT use our central authentication service (CAS), with accounts conforming to a password policy as well as 2 factor authentication. Despite the controls in place, the best recommendations are strong passwords for your UNI. It's the greatest defense to mitigate this risk and attack platform.

CUIT checks for the presence of multiple login attempts in a short time frame. If a CUIT account were to have been compromised with an attacker gaining credentials, they would most likely continually access the console. By routinely monitoring access, we would be able to catch this and notify the account owner that they need to change their password.

https://aws.amazon.com/console/

Related content

Missing Account Owner Information
Missing Account Owner Information
CUIT CyberSecurity
More like this
User Activity from Blacklisted Countries and Known Bad IP Addresses
User Activity from Blacklisted Countries and Known Bad IP Addresses
CUIT CyberSecurity
More like this
VPC Changes
VPC Changes
CUIT CyberSecurity
More like this
CUIT Desktop Support Home
CUIT Desktop Support Home
CUIT Desktop Support
More like this
Malicious Activity Detected - Threat Intel
Malicious Activity Detected - Threat Intel
CUIT CyberSecurity
More like this
Web App Attack Detected Malicious UserAgent
Web App Attack Detected Malicious UserAgent
CUIT CyberSecurity
More like this