Microsoft Cautions Over Increase In Password Spraying Attacks

Share post:

According to Microsoft’s Detection and Response Team (DART), state-sponsored hackers, including the SolarWinds hackers, Nobelium and others, track identities with password spraying.

Password spraying is a variant of what is known as a brute force attack, in which the perpetrators attempt to gain unauthorized access to a single account by repeatedly guessing the password within a short period of time.

DART identified two main password spray techniques including the first known as “low and slow,” which simply means that a determined attacker uses a sophisticated password spray that uses “several individual IP addresses to attack multiple accounts at the same time with a limited number of curated guesses.”

The other method, “availability and reuse,” exploits previously compromised credentials that are published and sold on the dark web. According to Microsoft, “attackers can utilize this tactic, also called ‘credential stuffing’ to easily gain entry because it relies on people reusing passwords and username across sites.”

For more information, read the original story in ZDNet.


Related articles

CrowdStrike update causes global IT outages, fix is available

Some airlines, banks and government services around the world have been affected by a faulty software update for...

Charges dismissed in SolarWinds hacking case

A judge has dismissed most of the Securities and Exchange Commission's (SEC) fraud charges against SolarWinds related to...

Canadian is among foreign nationals pleading guilty to involvement with Lockbit ransomware

Two foreign nationals have pleaded guilty in the US District of New Jersey to their involvement in the...

FBI rapidly hacks into Trump shooter’s phone, raises privacy concerns

Just two days after the attempted assassination at a Trump rally, the FBI announced it had gained access...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways