Microsoft Cautions Over Increase In Password Spraying Attacks

According to Microsoft’s Detection and Response Team (DART), state-sponsored hackers, including the SolarWinds hackers, Nobelium and others, track identities with password spraying.

Password spraying is a variant of what is known as a brute force attack, in which the perpetrators attempt to gain unauthorized access to a single account by repeatedly guessing the password within a short period of time.

DART identified two main password spray techniques including the first known as “low and slow,” which simply means that a determined attacker uses a sophisticated password spray that uses “several individual IP addresses to attack multiple accounts at the same time with a limited number of curated guesses.”

The other method, “availability and reuse,” exploits previously compromised credentials that are published and sold on the dark web. According to Microsoft, “attackers can utilize this tactic, also called ‘credential stuffing’ to easily gain entry because it relies on people reusing passwords and username across sites.”

For more information, read the original story in ZDNet.

Microsoft Cautions Over Increase In Password Spraying Attacks

Top Stories

New Deepfakes Can Mimic Heartbeats, Evading Detection Tools

RBC Pushes Employees Back to Office to Preserve ‘Winning Culture’

Microsoft Azure Closes Cloud Gap with AWS as AI and Enterprise Migrations Fuel Growth

Sleeper Supply Chain Attack Activates After 6 Years

Dell has another major round of layoffs

One of the biggest data breaches ever, billions of users affected

Related Articles

65% of Canadians Still Reusing Passwords Despite Identity Theft Fears, Okta Study

Ottawa Warns of China-Linked Hack on Canadian Telecom Gear

Copilot Exploit Shows How AI Agents Can Be Hijacked to Steal Corporate Data

Sleeper Supply Chain Attack Activates After 6 Years

Jim Love

Follow Us

Popular categories

Tech News Delivered