Microsoft: Watch out for password spray attacks – especially you, Basic Auth

Microsoft is warning Exchange Online users about a rise in password spray attacks, urging those that have yet to disable Basic Authentication to at least set up authentication policies to protect their users and data.
For three years, Microsoft has been weaning popular software offerings like Outlook Desktop and Outlook Mobile App off Basic Auth in favor of more secure user authentication methods.
Millions of users have moved away from Basic Auth to Modern Auth over those three years and Microsoft has disabled it in millions of tenants, according to the company.
Customers that are still using Basic Auth will have to face identity attacks that use it.
To combat this, Microsoft recommends that organizations still using Basic Auth set up Exchange Online Authentication Policies, which ensure that only the accounts the organization knows should be using Basic Auth, and only with specific protocols, can do so.
Microsoft initially expected to disable all use of Basic Auth before the end of the year, but knew that, despite the warnings, many customers still continued to use the legacy authentication method.
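The authentication-policy setup recommended above could look like the following in Exchange Online PowerShell. This is an added example, not code from the article or from Microsoft; the policy names, the account addresses and the choice of IMAP as the one permitted protocol are assumptions.

```powershell
# Added example: policy names, accounts and the IMAP exception are assumptions.
# Requires the ExchangeOnlineManagement module and an Exchange administrator session.
Connect-ExchangeOnline

$blockPolicy = 'Block Basic Auth'        # hypothetical policy name
$imapPolicy  = 'Allow Basic Auth IMAP'   # hypothetical policy name
# Constructed sample: the only accounts known to need Basic Auth, and only for IMAP.
$imapExceptions = @('scanner01@contoso.example', 'legacy-app@contoso.example')

# A policy created with no -AllowBasicAuth* switches blocks Basic Auth for every protocol.
if (-not (Get-AuthenticationPolicy -Identity $blockPolicy -ErrorAction SilentlyContinue)) {
    New-AuthenticationPolicy -Name $blockPolicy | Out-Null
}
# Exception policy: Basic Auth stays blocked for everything except IMAP.
if (-not (Get-AuthenticationPolicy -Identity $imapPolicy -ErrorAction SilentlyContinue)) {
    New-AuthenticationPolicy -Name $imapPolicy -AllowBasicAuthImap | Out-Null
}

# Every account without an explicit policy now inherits the block-all default.
Set-OrganizationConfig -DefaultAuthenticationPolicy $blockPolicy

foreach ($upn in $imapExceptions) {
    Set-User -Identity $upn -AuthenticationPolicy $imapPolicy
    # Invalidate existing refresh tokens so the new policy is picked up sooner.
    Set-User -Identity $upn -STSRefreshTokensValidFrom ([DateTime]::UtcNow)
}

# Verify: show the default, then list every account carrying an explicit policy
# and flag any that are not on the approved exception list.
Get-OrganizationConfig | Format-List DefaultAuthenticationPolicy
Get-User -ResultSize Unlimited |
    Where-Object { $_.AuthenticationPolicy } |
    Select-Object UserPrincipalName, AuthenticationPolicy,
        @{ Name = 'Approved'; Expression = { $imapExceptions -contains $_.UserPrincipalName } }
```

Any row in the final listing with `Approved` set to `False` is an account that can still use Basic Auth without being on the known-exceptions list and should be reviewed.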
News URL
https://go.theregister.com/feed/www.theregister.com/2022/10/04/microsoft_exchange_password_spray/