Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

4 November 2024

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to launch highly evasive password spray attacks, successfully stealing credentials from multiple Microsoft customers. The stolen credentials are then leveraged by threat actors like Storm-0940 to gain unauthorized access to systems. Storm-0940 has been an active threat actor since 2021 and primarily targets organizations in North America and Europe, including government, non-profit, and private sector entities. The group leverages brute-force attacks, exploits, and compromised network services to gain initial access, so Microsoft has notified affected organizations and provided mitigation and detection recommendations. It includes identifying and blocking malicious IP addresses, strengthening password policies, and implementing network segmentation.

Source: GBHackers

Date:

4 November 2024

Categorie(s):

NEWS

Tag(s):

Attacks, Customers, Cyber Security News, Microsoft, Passwords

How Ransomware Jeopardizes Healthcare Organizations17 November 2024
Are Identity Theft Protection Services Worth the Money? It’s Complicated17 November 2024
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked17 November 2024
Google’s Gemini AI Chatbot Keeps Telling Users to Die16 November 2024
Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk16 November 2024