OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks
OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks Pierluigi Paganini December 13, 2023 Microsoft warns that threat...
Read more →Author: Cybernoz
New Sophisticated Phishing Attacks on the Rise
Phishing, a persistent cyberthreat, has evolved with the times. Once a symbol of convenience, QR codes are now being weaponized...
Read more →
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications...
Read more →
Recruiters Beware! Hackers Deliver Malware Posing Job Applicant
Threat actors have been targeting recruiters disguised as job applicants to deliver their malware. Though this method is not unique,...
Read more →
Sophos Firewall Code Injection Flaw: Let Attackers Execute Code
A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious...
Read more →
Drata unveils Third-Party Risk Management offering to help security teams identify risks
Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized...
Read more →
How ransomware gangs use the tech media against their victims
Cyber criminals traditionally and understandably shied away from publicity, but over the past few years, ransomware gangs have inverted this...
Read more →
Hackers Abuse OAuth Applications to Automated Finacial Attacks
OAuth (Open Authorization) is an industry-standard protocol that allows third-party applications to access a user’s data without exposing login credentials. ...
Read more →
34 Vulnerabilities & Critical 0-Day Fixed
Microsoft has released their patches for December 2023 as part of their Patch Tuesday. In this release, they have patched...
Read more →
How to Analyze Malware’s Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware’s network traffic. To be effective at it, it’s...
Read more →
Microsoft’s Christmas present for cyber teams: no zero-days
After a year that has seen no end of critical vulnerabilities in Microsoft products and services, Redmond has delivered an...
Read more →
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Dec 13, 2023NewsroomCryptocurrency / Threat Analysis Microsoft has warned that adversaries are using OAuth applications as an automation tool to...
Read more →