A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication. This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain undetected by security teams. Leveraging Purloined Credentials Malefactors are leveraging stolen credentials from infostealer logs […] Read More, [#item_full_content]
A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication. This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain undetected by security teams. Leveraging Purloined Credentials Malefactors are leveraging stolen credentials from infostealer logs […] Information Security BuzzRead More
