Over 80,000 Microsoft Entra ID accounts hit by password spraying attacks
techradar.com
- Hackers are abusing a legitimate tool to target Entra ID accounts
- The password spraying attack targeted some 80,000 accounts
- Attackers managed to take over some accounts, accessing Microsoft Teams, OneDrive, Outlook data
Cybercriminals have been spotted abusing a legitimate penetration testing tool to target people’s Entra ID user accounts with password-spraying attacks, experts hgave warned.
In an in-depth analysis shared with TechRadar Pro, cybersecurity researchers from Proofpoint claimed tens of thousands of accounts were targeted, and a few were compromised.
The researchers said unnamed threat actors engaged in a large-scale attack they dubbed UNK_SneakyStrike.
"Several" accounts compromised
In this campaign, the attackers used a legitimate pentesting tool called TeamFiltration.
This tool was created by a threat researcher in early 2021 and publicly released at DefCon30. It helps automate several tactics, techniques, and procedures (TTPs) used in modern ATO attack chains.
“As with many security ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE