Security News > 2023 > December > Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing

2023-12-13 10:55
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an
News URL
https://thehackernews.com/2023/12/microsoft-warns-of-hackers-exploiting.html
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- Microsoft’s new AI agents take on phishing, patching, alert fatigue (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)