Advertisement
Top
image credit: Pixabay

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes

December 14, 2023

Via: The Register
Category:

Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes – such as business email compromise (BEC), phishing, large-scale spamming campaigns – and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft.

OAuth, short for Open Authorization, is an open standard for token-based access delegation, allowing applications to access resources and data hosted by other web apps. Microsoft’s identity platform uses OAuth 2.0 for handling authorization.

Read More on The Register

RELATED PUBLICATIONS

iPhone Users Are Being Targeted by MFA Bombs, Here’s What We Know
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
Microsoft fixed two zero-day bugs exploited in malware attacks

Latest Publications

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People
The Los Angeles County Department of Health Services disclosed a data breach
Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!