Widespread, Brute-Force, Cloud-to-Cloud Attacks Hit Microsoft 365 Users

DAn operationalized cloud-to-cloud brute-force attack against Microsoft Microsoft 365 users has hit high-level employees at multiple Fortune 2,000 organizations.

According to Skyhigh Networks, which remediated the attack, the perpetrators used popular cloud service platforms to conduct a persistent attack to log into corporate Microsoft 365 accounts. The campaign had a “slow-and-low” pattern of coordinated attacks on high-value targets, including more than 100,000 failed Microsoft 365 logins from 67 IP addresses and 12 networks. The attempts in all targeted 48 different organizations…


Source: Infosecurity