CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

⚠️ Attackers are hijacking Microsoft accounts without stealing passwords.

1 Posts 1 Posters 0 Views

A This user is from outside of this forum
A This user is from outside of this forum
anyrun_app@infosec.exchange

wrote last edited by

#1

️ Attackers are hijacking Microsoft accounts without stealing passwords.
OAuth Device Code #phishing tricks users into approving logins on M365 pages, granting token-based access to corporate email and files.
How to defend against this breach vector
https://any.run/cybersecurity-blog/oauth-device-code-phishing/?utm_source=mastodon&utm_medium=post&utm_campaign=oauth_device_code_phishing&utm_term=100326&utm_content=linktoblog
#cybersecurity #infosec
1 Reply Last reply
1
0
R relay@relay.infosec.exchange shared this topic

Log in to reply