Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks.
“The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,” Proofpoint said in a Thursday report.
The

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

Related Posts
Total
0
Share