Attackers leveraged popular cloud service platforms to conduct persistent - and stealthy - login attempts on corporate Office 365 accounts.
Enterprise Office 365 accounts, many belonging to high-level employees at Fortune 2000 companies, were hit with a brute-force attack in one of the earliest operationalized cloud-to-cloud business attacks, according to Skyhigh Networks, which began tracking the campaign early this year.
Skyhigh detected a pattern of organized attacks including more than 100,000 failed Office 365 logins from 67 IP addresses and 12 networks. Attackers tried logging in with different versions of employees' usernames, a sign they may have already possessed names and passwords but needed usernames for spearphishing campaigns or data access.
All login attempts came from instances hosted on cloud service platforms and targeted 48 businesses. The "slow-and-low" pace of attacks indicates threat actors were trying to stay under the radar; for each business, only a handful of senior employees were targeted. All those who were hit have been notified.
Read more details here.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024