Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Office 365 users are receiving emails purporting to come from ...

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...

Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization ...

Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. The campaigns were discovered by ...

A new cyberattack is targeting Microsoft 365 users through Signal and WhatsApp messages, with hackers impersonating government officials in order to gain access to accounts. According to reporting ...

Threat Groups Hijack Microsoft 365 Accounts Using OAuth Device Code Exploit Security researchers warn that threat groups are ...

Proofpoint observed campaigns impersonating trusted brands like SharePoint and DocuSign with malicious OAuth applications to get into Microsoft 365 accounts. Threat actors have cooked up a clever way ...

When it comes to implementing Open Authorization (OAuth) technology, constant monitoring and review is the key to maintaining a properly secure organization. Cloud authentication provides so many ...

Microsoft 365 Defender researchers have disrupted the cloud-based infrastructure used by scammers behind a recent large-scale business email compromise (BEC) campaign. The attackers compromised their ...