Security News > 2021 > October > Microsoft warns of rise in password sprays targeting cloud accounts
The Microsoft Detection and Response Team says it detected an increase in password spray attacks targeting privileged cloud accounts and high-profile identities such as C-level executives.
These attacks often use the same password while switching from one account to another to find easy to breach accounts and avoid triggering defenses like password lockout and malicious IP blocking.
"Over the past year, the Microsoft Detection and Response Team, along with Microsoft's threat intelligence teams, have observed an uptick in the use of password sprays as an attack vector," DART said.
"Recently, DART has seen an uptick in cloud administrator accounts being targeted in password spray attacks, so understanding the targets is a good place to start."
As Microsoft revealed one year ago, password spray attacks are among the most popular authentication attacks amounting to over a third of enterprise account compromises, according to Alex Weinert, Director of Identity Security at Microsoft.
Microsoft also said earlier this month that it spotted both Iran-linked DEV-0343 and the Russian-sponsored Nobelium groups using password sprays in attacks targeting defense tech companies and managed service providers or cloud service providers, respectively.