Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth (short for Open ...

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Microsoft Corp. on Tuesday detailed three hacking campaigns that made use of OAuth, a technology commonly used to let workers log into business applications with their Microsoft and Google accounts.

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...

Microsoft has warned that hackers are exploiting an OAuth redirect feature in a sophisticated phishing campaign targeting government organizations. The attackers use legitimate login prompts to ...

A surge in phishing campaigns abusing Microsoft’s OAuth device code authorization flow has been observed with multiple threat clusters using the technique to gain unauthorized access to Microsoft 365 ...

Microsoft has released new guidance for organizations on how to protect against persistent nation-state attacks like the one disclosed a few days ago that infiltrated its own corporate email system. A ...