How to defend against OAuth-enabled cloud-based attacks

This artical was originally published on another site

Reading Time: < 1 minute

Recently Malwarebytes reported that the SolarWinds hackers accessed its internal emails using the same intrusion vector they used in other attacks. The vector appears to abuse applications with privileged access to Microsoft Office 365 and Azure environments. The representative stated that “the investigation indicated the attackers leveraged a dormant email protection product within our Office 365 tenant that allowed access to a limited subset of internal company emails.” The attack sequence suggests that the attacker tricked an end user into authorizing a third-party site to share authentication via OAuth.

To read this article in full, please click here

(Insider Story)

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *