Data Source: Entra ID | Detection.FYI

Azure Entra Sign-in Brute Force against Microsoft 365 Accounts

Oct 10, 2024 · Domain: Cloud Domain: SaaS Data Source: Azure Data Source: Entra ID Data Source: Entra ID Sign-in Use Case: Identity and Access Audit Use Case: Threat Detection Tactic: Credential Access ·
Share on:

Identifies potential brute-force attempts against Microsoft 365 user accounts by detecting a high number of failed interactive or non-interactive login attempts within a 30-minute window. Attackers may attempt to brute force user accounts to gain unauthorized access to Microsoft 365 services via different services such as Exchange, SharePoint, or Teams.

Read More
Azure Entra Sign-in Brute Force Microsoft 365 Accounts by Repeat Source

Oct 10, 2024 · Domain: Cloud Domain: SaaS Data Source: Azure Data Source: Entra ID Data Source: Entra ID Sign-in Use Case: Identity and Access Audit Use Case: Threat Detection Tactic: Credential Access ·
Share on:

Identifies potential brute-force attempts against Microsoft 365 user accounts by detecting a high number of failed interactive or non-interactive login attempts within a 30-minute window from a single source. Attackers may attempt to brute force user accounts to gain unauthorized access to Microsoft 365 services via different services such as Exchange, SharePoint, or Teams.

Read More