Microsoft Warns About Increase in Password Spray Attacks

Must Read
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. In her free time, she is a modest family woman who loves traveling.

The Detection and Response Team (DART) of Microsoft, who respond to cyber-attacks and help Windows users become cyber resilient explained that they have discovered a substantial rise in password spray attacks incidents across the globe.

You might be wondering what is password spraying in the first place.

For our readers who don’t know, Password spraying is a kind of brute force attack where the threat actors use a small list of commonly used passwords to try obtaining access to the huge account lists.

Unlike the traditional brute force attacking method, the password spraying method uses the same password for various accounts. This minimizes the chances of activating the password lockout mechanism.

Whereas in the case of conventional brute force attack the bot tries a long list of passwords on just one account at a time. So, the chances of triggering the password lockout are high in the case of a classic brute force attack.

DART said that its threat intelligence teams have seen a surge in the use of password sprays attacks by cybercriminals over the years.

DART further noted that these cybercriminals are now targeting the cloud admin accounts and exploiting them with the help of password spray attacks.

Understanding what methods the threat actors use will help identify how to safeguard against such attacks. Here, password spray attacks are on the rise so users need to act accordingly.

With that being said, Microsoft’s Detection and Response Team suggests that users enable multi-factor authentication or MFA to safeguard their accounts and thereby minimize the risk of their accounts getting compromised in such types of attacks.

With that being said, DART confirms that the password spray attacks are being used on the majority of the cloud admin accounts including the Microsoft Exchange service, Sharepoint Conditional Access administrators to billing, authentication, and helpdesk.

These threat actors are so notorious that they steal information of the cloud users once they get admin access using the password spray method, DART concluded.

Featured Image: microsoft.com

Looking for more Microsoft news? Signup for our news later for the latest update

spot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -spot_img
Latest News

G Suite Legacy Free Edition End-of-Line in 2022

Lately, Google announced that the company will be dropping off its G suite legacy free edition plan starting July...
- Advertisement -spot_img

More Articles Like This