Microsoft update on brute force and password spraying activity

The NCSC has issued advice to UK organisations following an update from Microsoft on malicious cyber campaigns.

On Friday 25th June Microsoft revealed that it had identified new activity from an Advanced Persistent Threat (APT) known as NOBELIUM targeting organisations globally.

The Microsoft Threat Intelligence Center says that this activity was mostly unsuccessful.

The NCSC has observed an increase in activity as part of malicious email and password spraying campaigns against a limited number of UK organisations. We are supporting those affected and would urge all organisations to familiarise themselves with our guidance on mitigating phishing attacks, including how to block phishing emails and how to implement two-factor/multi-factor authentication:

The following blog posts from Microsoft provide further details, including IoCs, detection and mitigation advice:

NCSC © Crown Copyright 2021

Leave a Reply

scroll to top