Security News > 2020 > October > Microsoft upgrades password spray attack detection capabilities
Microsoft has improved password spray detection in Azure Active Directory by doubling the number of compromised accounts it detects using a new machine learning system.
Microsoft built a heuristic engine focused on detecting password spray attack, which helped the company to spot and alert tenants of hundreds of thousands of attacks each month.
Azure AD Password Protection was launched in April 2019 to reduce the risks behind password spray attacks by blocking users from choosing easy to guess passwords, drastically reducing the success rate of such attacks to about 1% says Weinert.
"Each color tracks a different password hash for login attempts with incorrect passwords in Azure Active Directory. Looking across millions of tenants, we can see the pattern of a password spray attack," Weinert explained.
"Normally the graph would be flat and evenly dispersed as you see on the left side. The huge elevation of a single hash failing across many accounts indicates a single password being attempted against hundreds of thousands of usernames from many tenants-a password spray attack in progress."
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)