Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and Ireland, Microsoft has shared. The attacks were first spotted by Proofpoint researchers in early December 2022, and involved three rogue apps impersonating SSO and online meeting apps. Targets in these organizations who have fallen for the trick effectively allowed these rogue apps to access to their O365 email accounts and infiltrate … More →

The post …

access account protection accounts apps attackers attacks badge cloud security december don't miss effectively email email security enterprise hot stuff identity impersonating ireland malicious meeting mfa microsoft o365 oauth office 365 organizations party proofpoint publisher researchers rogue rogue apps social engineering sso target third third-party verified