Feeds.4Sysops
Ongoing Password Spray Attack Targets Microsoft Azure CLI with 81M Attempts
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A massive automated password spray attack has been launched against Microsoft Azure CLI users, originating from an IPv6 address range managed by LSHIY LLC. Between June 12 and June 26, over 81 million login attempts were recorded, resulting in at least 78 compromised Microsoft accounts across 64 organizations. Despite the high volume of attempts, the success rate remains low, with only a few accounts compromised daily. The attack exploits weaknesses in Conditional Access policies, which failed to prevent the techniques used by the attackers. Huntress has noted a 155-fold increase in credential spray attacks over the past six months, indicating a concerning trend in the cybersecurity landscape. The attack appears to utilize previously breached username/password combinations. Organizations are urged to review their security configurations to mitigate such threats.
Key Points: • Over 81 million login attempts were made against Microsoft Azure CLI users. • At least 78 Microsoft accounts were compromised across 64 organizations. • The attack exploits weaknesses in Conditional Access policies, highlighting security gaps.