• Send Us A Tip
  • Calling all Tech Writers
  • Advertise
Saturday, June 21, 2025
  • Login
  • Register
TechStory
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to
No Result
View All Result
TechStory
No Result
View All Result
Home Story

Microsoft has warned of an increase in password spraying attacks

by Manasi Varma
November 1, 2021
in Story
Reading Time: 2 mins read
0
Microsoft identified SolarWinds hacker group ‘Nobelium’ in new breach
TwitterWhatsappLinkedin

The Detection and Response Team (DART) at tech giant Microsoft, has warned of an increase on the number of password spraying attacks directed towards valuable cloud accounts.

You might also like

NetEase Games Lays Off Marvel Rivals Seattle Team Amid Development Restructuring

Stellantis Reverses Layoff Decision, Secures Jobs for 1,100 Workers at Ohio Jeep Plant

10 Must-Watch Christmas Movies on Netflix This Holiday Season

For reference, password spraying refers to a type of attack where the culprits use brute force logins that are based on a series of usernames with default passwords, on an application. As such, a single password is used against a number of different accounts on the application, so as to avoid account lockouts that can be triggered when brute force is used on a single account by trying multiple passwords.

High Profile Accounts Targeted

Researchers at DART have warned of attacks against specific admin accounts, and have issued a list of users that need to be protected. These include the likes of security administrators, global administrators, Helpdesk administrators, user administrators, among others. The report states that there have been noted at “uptick” in cloud administrator accounts being targeted. Threat actors are reportedly also attempting to compromise identities with a high profile or access to sensitive data.

Suspicious activity can be checked through specific tools like the Microsoft Cloud App Security portal, and Microsoft has recommended the following alerts to check for:

  • Activity from anonymous IP addresses
  • Impossible travel
  • Activity from infrequently country
  • Activity from suspicious IP address

Attacks Becoming Increasingly Common

This comes months after the Cybersecurity and Infrastructure Security Agency (CISA) had revealed at the beginning of this year that threat actors responsible for the SolarWinds attack had made use of common hacking techniques like password spraying or password guessing, to break into the networks of targeted organizations.

Microsoft has warned of an increase in password spraying attacks
Image Credits: SolarWinds

Password spraying attacks are becoming increasingly commonplace on the hacking scenario since July 2021, with more and more threat actors using the same to target organizations. The NSA had previously revealed that Russia-backed hacking group Fancy Bear had launched password spraying attacks against foreign organizations including those in the US.

Steps Suggested by the DART

The company has also issued a number of steps to protect cloud accounts from being subjected to spray attacks. For starters, the team says that brute force prevention should be used on both the fields (Username and Passwords), and that account lockout policies should be put in place after specific number of incorrect password entries. Another recommendation is the enforcement of multi-factor authentication (MFA) across all accounts wherever and whenever possible, and shifting to password-less tech altogether.

 

Tweet54SendShare15
Previous Post

Facebook employees questioned restrictions on Palestine-related posts

Next Post

Elon Musk’s Starlink registers in India to provide broadband

Manasi Varma

A 20-something year old with a flair for writing, a love for reading, and an obsession for KPop. Most amicable person you'll ever meet.

Recommended For You

NetEase Games Lays Off Marvel Rivals Seattle Team Amid Development Restructuring

by Samir Gautam
February 19, 2025
0
NetEase Games Lays Off Marvel Rivals Seattle Team Amid Development Restructuring

NetEase Games has confirmed that several developers from the Seattle-based team working on Marvel Rivals have been laid off as part of a move to "optimize development efficiency."...

Read more

Stellantis Reverses Layoff Decision, Secures Jobs for 1,100 Workers at Ohio Jeep Plant

by Samir Gautam
December 23, 2024
0
Stellantis Reverses Layoff Decision, Secures Jobs for 1,100 Workers at Ohio Jeep Plant

Stellantis, the world’s fourth-largest automaker, announced a major reversal of its initial plans to lay off approximately 1,100 employees at its Toledo South Assembly Plant in Ohio. The...

Read more

10 Must-Watch Christmas Movies on Netflix This Holiday Season

by Thomas Babychan
December 14, 2024
0
10 Must-Watch Christmas Movies on Netflix This Holiday Season

The holiday season is the perfect time to indulge in the spirit of Christmas, and what better way to celebrate than by curling up with some feel-good festive...

Read more
Next Post
Elon Musk’s Starlink registers in India to provide broadband

Elon Musk's Starlink registers in India to provide broadband

Please login to join discussion

Techstory

Tech and Business News from around the world. Follow along for latest in the world of Tech, AI, Crypto, EVs, Business Personalities and more.
reach us at [email protected]

Advertise With Us

Reach out at - [email protected]

BROWSE BY TAG

#Crypto #howto 2024 acquisition AI amazon Apple bitcoin Business China cryptocurrency e-commerce electric vehicles Elon Musk Ethereum facebook flipkart funding Gaming Google India Instagram Investment ios iPhone IPO Market Markets Meta Microsoft News NFT samsung Social Media SpaceX startup startups tech technology Tesla TikTok trend trending twitter US

© 2024 Techstory.in

No Result
View All Result
  • News
  • Crypto
  • Gadgets
  • Memes
  • Gaming
  • Cars
  • AI
  • Startups
  • Markets
  • How to

© 2024 Techstory.in

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?