Login
Israel-Hamas Conflict
Airstrike
Military
Aviation Accidents
World Cup
Social Media
Donald Trump
Immigration and Customs Enforcement
Benjamin Netanyahu
Artificial Intelligence
Immigration
Soccer
Cryptocurrency
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Over 80,000 Microsoft Entra ID Accounts Hit by Password Spraying Attacks

  • Proofpoint uncovered a large-scale account takeover campaign, UNK_SneakyStrike, targeting over 80,000 Microsoft Entra ID user accounts globally since late 2024.
  • The campaign began in December 2024 and leverages the open-source penetration testing tool TeamFiltration to conduct user enumeration and password spraying attacks.
  • Attackers abused AWS servers and a disposable Office 365 account to target roughly 100 cloud tenants and access Microsoft Teams, OneDrive, and Outlook data.
  • On January 8, 16,500 accounts were targeted in a single day, with attackers successfully hijacking several accounts and accessing sensitive productivity information.
  • This campaign illustrates the growing misuse of legitimate security tools in cyberattacks, prompting recommendations for multi-factor authentication, OAuth 2.0 enforcement, and blocking known malicious IPs.
Insights by Ground AI
Does this summary seem wrong?

22 Articles

All
Left
Center
2
Right
Tech RadarTech Radar
Center

Over 80,000 Microsoft Entra ID accounts hit by password spraying attacks

Half a dozen flaws across different products were addressed despite not being abused in the wild.

·United Kingdom
Read Full Article
BleepingComputerBleepingComputer
Center

Password-spraying attacks target 80,000 Microsoft Entra ID accounts

Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide.

Read Full Article
Techzine EuropeTechzine Europe

Pentesting tool exploited in large-scale attacks

TeamFiltration exploited by attackers for large-scale Office 365 attacks. More than 80,000 accounts targeted in UNK_SneakyStrike campaign.

Read Full Article
unsafe.shunsafe.sh

Hackers Used TeamFiltration Open Source Tool to Attack More than 80,000 Microsoft Entra ID Accounts

This article describes the causes and solutions for error code 521. This error is usually caused by Cloudflare and indicates that the server cannot connect to the origin server. Common causes include network connection problems, server misconfiguration, or improper DNS settings. Solutions include checking network configuration, contacting the hosting provider, or adjusting Cloudflare settings to restore access.

Read Full Article
HubSite 365HubSite 365

Entra ID: Stop Lateral Attacks with Advanced Identity Security

Entra ID, identity management, cybersecurity, MFA, Microsoft 365 Defender, Azure AD - protect against lateral attacks. Lateral attacks happen when attackers move inside a network after getting access, often aiming for sensitive data or systems. Entra ID is a tool from Microsoft that helps manage user identities and control who can access resources. Identity management ensures only the right people have access to important company information an…

Read Full Article
AdluminAdlumin

Unravelling Cyber Defense Model Secrets: Password Spray Detections

Discover how to detect and respond to password spray attacks in Microsoft 365. Learn about Adlumin's latest detection logic, response strategies, and how to strengthen your defense against stealthy brute-force threats. The post Unravelling Cyber Defense Model Secrets: Password Spray Detections appeared first on Adlumin Cybersecurity.

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Thursday, June 12, 2025.
Sources are mostly out of (0)

Similar News Topics

Microsoft

Microsoft

Hacking

Hacking

News
For You
SearchBlindspotLocal