Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a malicious campaign designed to breach organizations’ cloud environments and steal email.
“The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting
from The Hacker News https://ift.tt/SDqzCe4
via IFTTT
Cloud / Sec / Labs 