Bleeping Computer

Microsoft: OAuth apps used to automate BEC and cryptomining attacks

Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. OAuth (short for Open ...
TechBooky

Microsoft 365 Admin Center Logins Will Require MFA

Microsoft is tightening security by introducing mandatory multi-factor authentication (MFA) for Microsoft 365 admin center ...
ZDNet

Microsoft warning: These phishing attackers used fake OAuth apps to steal email

Microsoft has warned that fraudulent Microsoft Partner Network (MPN) accounts were used in a phishing campaign that featured bogus apps that tricked victims into granting them permissions to access ...
Infosecurity-magazine.com

Microsoft Visio Files Used in Sophisticated Phishing Attacks

A surge in two-step phishing attacks leveraging Microsoft Visio files has been identified by security researchers, marking a sophisticated evolution in phishing tactics. Discovered by Perception Point ...