New Alert for Microsoft 365 Defender Password Spray Detection
Microsoft 365 Defender is rolling out a new alert to detect password spray attacks originating from authentic cloud service providers. The alert, called "Password spray attacks originating from single ISP," will be enabled automatically and will begin rollout in mid-April, concluding by late April. E5 P2 licensed customers will be impacted by this change. If your team is impacted by this alert, there are specific steps you must follow, including validating sign-in attempts from the ISP, validating user logon patterns, identifying compromised users, decommissioning or resetting passwords for compromised accounts, and contacting Microsoft support for investigation and remediation services. For additional information, please see the documentation provided. Message ID: MC543877
Stay informed and ensure your organization is prepared to take action against password spray attacks with this new alert from Microsoft 365 Defender.
The post New Alert for Microsoft 365 Defender Password Spray Detection originally appeared on M365 Admin.
Published on:
Learn more
Related posts
Microsoft Defender for Office 365: AIR Initiated Remediation Logging
Microsoft Defender for Office 365 has introduced an update that allows for the logging of remediations generated by Automated Incident Respons...
Microsoft Defender for Office 365: User submission automatic feedback response
Microsoft Defender for Office 365 now offers the automatic feedback response feature which allows organizations to automatically respond to en...
Microsoft Defender for Office 365: User Submission Automatic Feedback Response
Organizations can now benefit from the user submission automatic feedback response in Microsoft Defender for Office 365, which automatically r...
Microsoft Defender for Office 365: Auto-Remediation of Malicious Entity Clusters Identified in Automated Investigation and Response (AIR)
Microsoft Defender for Office 365 is set to receive an update that will enhance its automated investigation and response (AIR) feature with au...
Episode 80: Microsoft Incident Response
In this episode of the podcast, Michael and Sarah are joined by Matt Zorich, a member of Microsoft's Incident Response team, to dive into the ...
Step-up authentication with Defender for Cloud Apps and Authentication Context
If you're interested in implementing step-up authentication for specific scenarios, this post is for you. The article explores the integration...
Microsoft Defender for Office 365: Teams Security
Good news for Microsoft Teams users! Microsoft Defender for Office 365 is set to provide enhanced security operations and protection for Teams...
Azure AD and ADFS best practices: Defending against password spray attacks
This blog post discusses one of the most common and frequent attacks called Password Spray. As long as passwords have existed, people have tri...
Microsoft Defender for Office 365: Limitless Tenant Allow/Block List
Microsoft is updating its Defender for Office 365 security platform to allow customers with MDO P2 or E5 security to create unlimited block an...