all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Money-grubbing crooks abuse OAuth – and baffling absence of MFA – to do financial crimes

Add to bookmarks
Dec. 14, 2023, 11:03 a.m. | Jessica Lyons Hardcastle

The Register - Security www.theregister.com

Business email compromise, illicit cryptomining, phishing ... if it makes a dollar, this lot do it

Multiple miscreants are misusing OAuth to automate financially motivated cyber crimes – such as business email compromise (BEC), phishing, large-scale spamming campaigns – and deploying virtual machines to illicitly mine for cryptocurrencies, according to Microsoft.…

abuse bec business business email compromise campaigns compromise crimes cryptomining cyber cyber crimes email email compromise financial large lot machines mfa money oauth phishing scale spamming virtual virtual machines

Visit resource

More from www.theregister.com / The Register - Security

Kaiser Permanente shared 13.4M people's data with Microsoft Bing, Google, others 1 day, 12 hours ago | www.theregister.com
american bing data giant +13
Second time lucky for Thoma Bravo, which scoops up Darktrace for $5.3B 1 day, 15 hours ago | www.theregister.com
acquisition analysts brand cybersecurity +9
UK's Investigatory Powers Bill to become law despite tech world opposition 1 day, 19 hours ago | www.theregister.com
bill law opposition privacy +4
Four trends to top the CISO’s packed agenda 1 day, 23 hours ago | www.theregister.com
attacks check ciso cybersecurity +14
Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim 2 days, 1 hour ago | www.theregister.com
apps can chinese claim +17
Cops cuff man for allegedly framing colleague with AI-generated hate speech clip 2 days, 9 hours ago | www.theregister.com
ai software arrested baltimore boss +11
Ring dinged for $5.6M after, among other claims, rogue insider spied on 'pretty girls' 2 days, 9 hours ago | www.theregister.com
amazon cash claims customers +7
Two cuffed in Samourai Wallet crypto dirty money sting 2 days, 13 hours ago | www.theregister.com
cash charges claims criminal +11
Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers 2 days, 17 hours ago | www.theregister.com
cybercriminals elections experts google +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs