Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Posted: Wed, 02/01/2023 - 7:22pm

Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations’ cloud environments. According to a blog on the company’s website, threat actors satisfied Microsoft’s requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps.

To read this article in full, please click here

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Remote code execution exploit chain available for VMware vRealize Log Insight

NTT, Palo Alto partner for managed SASE with AIOps

Foreign states already using ChatGPT maliciously, UK IT leaders believe

APT groups use ransomware TTPs as cover for intelligence gathering and sabotage