SiliconANGLE

Microsoft details three OAuth-focused hacking campaigns

Microsoft Corp. on Tuesday detailed three hacking campaigns that made use of OAuth, a technology commonly used to let workers log into business applications with their Microsoft and Google accounts.
SiliconANGLE

Google improves G Suite security: How to get started with new OAuth apps whitelisting

Google Inc. announced a new feature Thursday called OAuth apps whitelisting that allows G Suite administrators to control how third-party applications use employees’ data. Gmail was hit by a ...
Bleeping Computer

Phishing Attack Hijacks Office 365 Accounts Using OAuth Apps

A phishing campaign has been discovered that doesn't target a recipient's username and password, but rather uses the novel approach of gaining access to a recipient's Office 365 account and its data ...
Threat Post

Office 365 OAuth Attack Targets Coinbase Users

Attackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Office 365 users are receiving emails purporting to come from ...
Threat Post

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...