Cyber Security Bulletin: Brute Force Attacks Against O365 & Azure

Over the last few weeks SRG has been alerted to and has been monitoring a new cyber-attack vector. This is a known group with access to a large and scalable Kubernetes cluster that is performing high-speed and broad reaching Brute Force Attacks against Microsoft O365 and Azure services. It is highly recommended that all customers enable two-factor (2FA) in their Microsoft cloud services and additionally recommended that password length and complexity policies be reviewed and increased in strength as needed.

As always if we can be of any assistance or provide further guidance please reach out to the Cyber Team at cyberservices@securityresourcegroup.com.