Cybersecurity experts have discovered a novel account takeover (ATO) initiative that utilizes an open-source penetration testing toolkit known as TeamFiltration to compromise Microsoft Entra ID (previously Azure Active Directory) user profiles.
The operation, dubbed UNK_SneakyStrike by Proofpoint, has impacted more than 80,000 targeted user profiles across numerous organizations’ cloud environments since a