Top
item
Advertisement
image credit: Adobe Stock

Hackers Abused Microsoft’s “Verified Publisher” OAuth Apps to Breach Corporate Email Accounts

February 1, 2023

Via: The Hacker News
Category:

Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations’ cloud environments and steal email.

“The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting permissions to the fraudulent apps,” the tech giant said. “This phishing campaign targeted a subset of customers primarily based in the U.K. and Ireland.”

Read More on The Hacker News

RELATED PUBLICATIONS

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors
Hackers Developing Malicious LLMs After WormGPT Falls Flat

Latest Publications

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!