Proofpoint's Threat Research Team discovered the UNK_SneakyStrike account-takeover campaign targeting Entra ID accounts using the TeamFiltration tool.
Over 80,000 Entra ID accounts across numerous organizations were targeted, resulting in successful account takeovers and data exfiltration.
The attackers employed strategies like user enumeration, password spraying, and backdoor creation, taking advantage of outdated Microsoft tools and AWS infrastructure.
Recommendations include implementing Multi-Factor Authentication, monitoring for suspicious activities, and disabling legacy authentication to prevent such attacks.
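
One way to monitor for the password spraying described above, as an added example that is not from Proofpoint's report or from TeamFiltration: it flags source IPs whose failed sign-ins hit many distinct accounts within a short window and lists any successful sign-ins from those same IPs. The flattened record layout (keys modelled on Entra ID sign-in log fields), the thresholds and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

FAILED_CREDENTIALS = 50126  # AADSTS50126: invalid username or password
SUCCESS = 0

def find_spray_sources(events, window_minutes=30, min_users=5):
    """Flag IPs whose failed sign-ins hit >= min_users accounts within the window."""
    window = timedelta(minutes=window_minutes)
    by_ip = defaultdict(list)
    for e in events:
        ts = datetime.fromisoformat(e["createdDateTime"])
        by_ip[e["ipAddress"]].append((ts, e["userPrincipalName"].lower(), e["errorCode"]))

    findings = {}
    for ip, rows in by_ip.items():
        rows.sort()
        failures = [(ts, user) for ts, user, code in rows if code == FAILED_CREDENTIALS]
        targets, start = set(), 0
        for end in range(len(failures)):
            # Slide the window start forward until it spans at most `window`.
            while failures[end][0] - failures[start][0] > window:
                start += 1
            users = {user for _, user in failures[start:end + 1]}
            if len(users) > len(targets):
                targets = users
        if len(targets) < min_users:
            continue  # e.g. one user mistyping a password repeatedly
        # Any success from a spraying source after its first failure needs review.
        first_failure = failures[0][0]
        hits = {user for ts, user, code in rows if code == SUCCESS and ts >= first_failure}
        findings[ip] = {"targets": targets, "followup_successes": hits}
    return findings

def _event(minute, user, ip, code):
    # Constructed record; keys modelled on Entra ID sign-in log fields (flattened).
    return {"createdDateTime": f"2025-01-01T09:{minute:02d}:00",
            "userPrincipalName": user, "ipAddress": ip, "errorCode": code}

# Constructed sample: one source spraying six accounts, one user mistyping.
SAMPLE_EVENTS = (
    [_event(m, f"user{m}@example.com", "203.0.113.10", FAILED_CREDENTIALS) for m in range(6)]
    + [_event(7, "user3@example.com", "203.0.113.10", SUCCESS)]
    + [_event(m, "alice@example.com", "198.51.100.7", FAILED_CREDENTIALS) for m in (10, 11)]
    + [_event(12, "alice@example.com", "198.51.100.7", SUCCESS)]
)

if __name__ == "__main__":
    for ip, info in find_spray_sources(SAMPLE_EVENTS).items():
        print(ip, sorted(info["targets"]), sorted(info["followup_successes"]))
```

A success from a flagged source is reported even when that account shows no earlier failure, since a spray can guess correctly on its first attempt against a user.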