Source |
CSO |
Identifiant |
8305875 |
Date de publication |
2023-01-31 04:02:00 (vue: 2023-01-31 13:08:24) |
Titre |
Threat actors abuse Microsoft\'s “verified publisher” status to exploit OAuth privileges |
Texte |
Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations' cloud environments. According to a blog on the company's website, threat actors satisfied Microsoft's requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
abuse abusing according actors app apps are article authorizing blog brand campaign claim click cloud company cybersecurity discovered employing engineering environments exploit firm from full have here impersonation infiltrate involving lure malicious microsoft new oauth organizations other party please privileges proofpoint publisher” read requirements researchers satisfied social status tactics third threat used users website “verified |
Tags |
Threat
|
Stories |
|
Notes |
★★★
|
Move |
|