Microsoft Office 365 Users Targeted in Brute Force Attacks

  /     /     /  
Publicated : 22/11/2024   Category : security


Microsoft Office 365 Users Targeted in Brute Force Attacks


Attackers leveraged popular cloud service platforms to conduct persistent - and stealthy - login attempts on corporate Office 365 accounts.



Enterprise Office 365 accounts, many belonging to high-level employees at Fortune 2000 companies, were hit with a brute-force attack in one of the earliest operationalized cloud-to-cloud business attacks, according to Skyhigh Networks, which began tracking the campaign early this year.
Skyhigh detected a pattern of organized attacks including more than 100,000 failed Office 365 logins from 67 IP addresses and 12 networks. Attackers tried logging in with different versions of employees usernames, a sign they may have already possessed names and passwords but needed usernames for spearphishing campaigns or data access.
All login attempts came from instances hosted on cloud service platforms and targeted 48 businesses. The slow-and-low pace of attacks indicates threat actors were trying to stay under the radar; for each business, only a handful of senior employees were targeted. All those who were hit have been notified.
Read more details
here
.

Last News

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Office 365 Users Targeted in Brute Force Attacks