Microsoft is under attack from spray and pray password hackers.
There are two undeniable truths in the world of cybersecurity: Microsoft is a prime target for hackers, and two-factor authentication is a hurdle they hate to encounter. A newly reported password spray and pray attack campaign exploits both these truths by only targeting Microsoft 365 accounts that are still using now deprecated basic authentication protections. Here’s what is happening and the steps your organization needs to take to mitigate the risk.
The Password Spray And Pray Attack
A botnet that comprises at least 130,000 devices that have been compromised by what is “likely a Chinese-affiliated…