81 million login attempts hit Microsoft 365 accounts as hackers try password-spraying to force entry using stolen credentials and OAuth to bypass authentication



  • A password-spraying attack successfully breached Microsoft 365 accounts
  • The hackers abused improperly configured conditional access policies to bypass MFA
  • Many organizations targeted had no MFA implemented

Hackers have used previously leaked credentials to target Microsoft 365 accounts in a password-spraying attack that resulted in over 81 million login attempts during a two-week period.

The attackers then abused the improperly implemented Conditional Access policies within the Resource Owner Password Credentials (ROPC) OAuth mechanism using the Azure command-line interface (CLI), allowing the hackers to bypass authentication altogether when a matching username and password were discovered.
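
A defender-side illustration of the pattern described above, added here and not taken from the article: it flags source IPs that try many distinct accounts over the ROPC grant and lists the successes where Conditional Access was not applied. The field names follow the Microsoft Graph sign-in log schema as an assumption to verify against your own export, and all records are constructed sample data.

```python
from collections import defaultdict

BAD_PASSWORD = 50126  # Entra ID error code: invalid username or password

def rec(ip, upn, code, proto="ropc", ca="notApplied"):
    """Build one constructed sign-in record (assumed Graph signIn field names)."""
    return {"ipAddress": ip, "userPrincipalName": upn,
            "authenticationProtocol": proto, "conditionalAccessStatus": ca,
            "status": {"errorCode": code}}

# Constructed sample data, not real logs.
SAMPLE_SIGNINS = (
    [rec("203.0.113.10", f"user{i}@example.com", BAD_PASSWORD) for i in range(5)]
    + [rec("203.0.113.10", "user5@example.com", 0)]  # spray hit, no CA applied
    + [rec("198.51.100.7", "alice@example.com", BAD_PASSWORD)] * 2  # one user mistyping
    + [rec("192.0.2.44", "bob@example.com", 0, proto="oAuth2", ca="success")]
)

def find_ropc_spray(signins, min_users=4):
    """Return {ip: summary} for sources that tried many distinct accounts over ROPC."""
    by_ip = defaultdict(lambda: {"targets": set(), "failures": 0, "successes": []})
    for s in signins:
        if s.get("authenticationProtocol") != "ropc":
            continue  # only the password grant named in the article is examined
        entry = by_ip[s["ipAddress"]]
        entry["targets"].add(s["userPrincipalName"].lower())
        code = s["status"]["errorCode"]
        if code == 0:
            entry["successes"].append(
                (s["userPrincipalName"], s["conditionalAccessStatus"]))
        elif code == BAD_PASSWORD:
            entry["failures"] += 1
    findings = {}
    for ip, e in by_ip.items():
        if len(e["targets"]) >= min_users:  # many accounts, one source: spray pattern
            findings[ip] = {
                "distinct_accounts": len(e["targets"]),
                "failures": e["failures"],
                # Successes where Conditional Access did not run need urgent review.
                "unprotected_successes": [u for u, ca in e["successes"]
                                          if ca != "success"],
            }
    return findings

if __name__ == "__main__":
    for ip, summary in find_ropc_spray(SAMPLE_SIGNINS).items():
        print(ip, summary)
```

The `min_users` threshold is a hypothetical tuning parameter; a slow, distributed spray spreads attempts across many source addresses and needs grouping on other attributes as well.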

benedict.collins@futurenet.com (Benedict Collins)
