National Cyber Security Centre
Printable version

Microsoft update on brute force and password spraying activity

The NCSC has issued advice to UK organisations following an update from Microsoft on malicious cyber campaigns.

An image illustrating a warning sign on a laptop screen.

On Friday 25th June Microsoft revealed that it had identified new activity from an Advanced Persistent Threat (APT) known as NOBELIUM targeting organisations globally.

The Microsoft Threat Intelligence Center says that this activity was mostly unsuccessful.

The NCSC has observed an increase in activity as part of malicious email and password spraying campaigns against a limited number of UK organisations. We are supporting those affected and would urge all organisations to familiarise themselves with our guidance on mitigating phishing attacks, including how to block phishing emails and how to implement two-factor/multi-factor authentication:

The following blog posts from Microsoft provide further details, including IoCs, detection and mitigation advice:


Channel website:

Original article link:

Share this article

Latest News from
National Cyber Security Centre