M$ warns over password attacks against these Office 365 customers

Discussion in 'Headline News' started by RickAgresta, Oct 12, 2021.

  1. RickAgresta

    RickAgresta General Peanut, leader of the Peanutty Forces

    Likes Received:
    Trophy Points:
    Another good reason to turn on multi-factor authentication now

    Microsoft says 250 Office 365 customers in the US and Israeli defense technology sector have been targeted with 'password-spraying' attacks, where attackers try to access many accounts with commonly used passwords. The technique relies on people using variations of common passwords.

    The password attacks focussed on critical infrastructure companies operating in the Persian Gulf and were carried out by a group Microsoft is tracking as DEV-0343 – most likely a new group from Iran.

    The 'DEV' tag indicates that the group is not a confirmed state-sponsored attack group, but it could become one eventually.

    The Microsoft Threat Intelligence Center (MSTIC) said it had observed DEV-0343 "conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on US and Israeli defense technology companies, Persian Gulf ports of entry, or global maritime transportation companies with business presence in the Middle East."

    Microsoft said "less than 20" of the targeted tenants were successfully compromised.

    The risk of compromise from password-spraying attacks is significantly reduced for organizations that roll out multi-factor authentication.

    lelisa13p, scjjtt, Hook and 2 others like this.

Share This Page