Exchange Online Servers Hacked Using Malicious OAuth Applications
Stewart Moncrieff2022-12-16T10:13:14-05:00Microsoft’s 365 Defender Research Team recently investigated an attack in which malicious OAuth applications were deployed on compromised cloud tenants. Initial Access The attacker first needed to compromise a cloud user’s account that had sufficient permissions in order to create a malicious OAuth application. The threat actor did this by launching credential-stuffing attacks against high-risk [...]






