Advisory: Office 365 Password Spraying

What is it?

Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.

See: https://attack.mitre.org/techniques/T1110/
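A detection sketch for the pattern defined above, as an added example that is not from the original advisory: a per-account lockout counter misses a spray, while counting distinct accounts per source IP in a time window exposes it. The event layout, thresholds, account names and IP addresses are constructed assumptions, not an Office 365 log schema.

```python
from collections import defaultdict
from datetime import datetime, timedelta

USERS = ["alice", "bob", "carol", "dave", "erin", "frank"]
# Constructed events: (time, source IP, account, outcome). Documentation-range IPs.
EVENTS = (
    # Spray: one failure per account, then a second round an hour later.
    [(f"2024-01-10T{h:02d}:0{i}:00", "203.0.113.7", u, "failure")
     for h in (9, 10) for i, u in enumerate(USERS)]
    # Repeated guessing against one account, which a lockout policy does catch.
    + [(f"2024-01-10T09:1{i}:00", "198.51.100.20", "alice", "failure") for i in range(8)]
    # A user mistyping once and then signing in.
    + [("2024-01-10T09:20:00", "192.0.2.44", "bob", "failure"),
       ("2024-01-10T09:20:30", "192.0.2.44", "bob", "success")]
)

def accounts_over_lockout(events, threshold=5):
    """Accounts whose total failure count reaches an assumed lockout threshold."""
    counts = defaultdict(int)
    for _, _, user, outcome in events:
        counts[user] += outcome == "failure"
    return sorted(u for u, n in counts.items() if n >= threshold)

def find_spray_sources(events, window=timedelta(minutes=30),
                       min_accounts=5, max_per_account=2):
    """Map source IP -> accounts it failed against, for sources that touch many
    accounts inside one window while staying at few failures per account."""
    failures = defaultdict(list)
    for ts, ip, user, outcome in events:
        if outcome == "failure":
            failures[ip].append((datetime.fromisoformat(ts), user))
    flagged = defaultdict(set)
    for ip, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1  # slide the window forward
            per_user = defaultdict(int)
            for _, user in rows[start:end + 1]:
                per_user[user] += 1
            if len(per_user) >= min_accounts and max(per_user.values()) <= max_per_account:
                flagged[ip].update(per_user)
    return {ip: sorted(users) for ip, users in flagged.items()}

if __name__ == "__main__":
    print("lockout view:", accounts_over_lockout(EVENTS))
    print("spray view:  ", find_spray_sources(EVENTS))
```

The window and thresholds are illustrative and should be tuned against the tenant's own lockout policy and normal sign-in failure rates.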

Why are we posting this?

Yesterday we identified thousands, yes thousands, of attempts to access unique client Office 365 accounts from Eastern Europe and Asia. Upon identification of the IPs, we notified Microsoft.

There were and still are no signs of access and/or compromise, but we continue to monitor all logs.

What should you do?

Secure your systems, or have that conversation with us to help secure your systems.
