all InfoSec news
Attackers abuse Microsoft’s 'verified publisher' status to steal data
Feb. 1, 2023, 6:30 a.m. | Jeff Burt
The Register - Security www.theregister.com
Malicious OAuth apps were the tickets into victims' systems
Miscreants using malicious OAuth applications abused Microsoft's "verified publisher" status to gain access to organizations' cloud environments, then steal data and pry into to users' mailboxes, calendars, and meetings.…
abuse access applications apps attackers cloud cloud environments data environments malicious malicious oauth applications microsoft oauth organizations publisher steal systems tickets verified verified publisher
More from www.theregister.com / The Register - Security
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cloud Technical Solutions Engineer, Security
@ Google | Mexico City, CDMX, Mexico
Assoc Eng Equipment Engineering
@ GlobalFoundries | SGP - Woodlands
Staff Security Engineer, Cloud Infrastructure
@ Flexport | Bellevue, WA; San Francisco, CA
Software Engineer III, Google Cloud Security and Privacy
@ Google | Sunnyvale, CA, USA
Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy
@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA