::
About Us
::
Services
::
Links
::
 
 
2017 中文版 | 2017 English              2009 中文版 | 2009 English
Students | Staff   VPN
IP/Network Query . . .   
 
     
 

Date:2019/10/24

【Security Vulnerability Warning】 Brute-force attacks on Microsoft Office 365 for enterprise accounts from Malicious IPs, please be alerted

Subject: Brute-force attacks on Microsoft Office 365 for enterprise accounts from Malicious IPs, please be alerted

  • Description:
    • TWCERT received cyber intelligence; Microsoft Office 365 suffered brute-force attacks. Hackers can monitoring the company traffic, generate additional accounts, or sneak into internal network by using the cracked account.
    • Currently known IPs that will attack Microsoft Office 365 are listed below:
      112.179.242.181
      113.204.147.26
      118.163.143.170
      120.209.20.16
      175.230.213.33
      201.184.241.243
      218.107.49.71
      218.206.132.194
      218.28.50.51
      218.64.165.194
      220.164.2.61
      220.164.2.87
      221.3.236.94
      222.218.17.189
      222.223.56.116
      42.243.154.6
      58.213.46.110
      59.48.82.14
      60.13.154.174
      61.136.104.131
      61.160.95.126
      61.163.231.150
      61.163.36.24
      61.182.82.34
      91.233.156.93
      94.156.119.230
  • Impact platform: Microsoft Office 365
  • Recommended practices:
    1. Block those listed IPs listed above.
    2. Apply multi-factor authentication.
    3. Enable network events log and keep relevant information for at least 90 days.
    4. Enable “account disable” mechanism when login error.
    5. Use strong passwords.

Network System Division
Computer and Communication Center

 
Last modified:: 2019/10/29 11:18
 
     
   
FAIL: (the browser should render some flash content, not this).
FAIL: (the browser should render some flash content, not this).
::Previous | Next | Refresh | Print  | Back Home | NTHU | Computer and Communication Center
Copyright (c) 2008-2010 National Tsing Hua University ALL RIGHTS RESERVED
View count: 113
 
 
Close