Office365 Accounts compromised using OAuth

Office365 Accounts compromised using OAuth (Includes interview)

The new cyber-threat continues a trend of hackers exploiting recognizable software companies in order to convince users to accept malware, including another Microsoft vulnerability that compromised account tokens. The phishing campaign was discovered by threat intelligence and mitigation firm PhishLabs. This reveals how attackers are using Microsoft Office 365 OAuth apps to hijack a recipient’s account.