Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

January 31, 2023

Read Time:24 Second

Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations’ cloud environments. According to a blog on the company’s website, threat actors satisfied Microsoft’s requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.

To read this article in full, please click here

Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

$40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Whistleblower: DOGE Siphoned NLRB Case Data

Friday Squid Blogging: Live Colossal Squid Filmed

Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure

Age Verification Using Facial Scans

NTLM Hash Exploit Targets Poland and Romania Days After Patch

Senators Urge Cyber-Threat Sharing Law Extension Before Deadline

Identity Attacks Now Comprise a Third of Intrusions