Microsoft: OAuth apps used to automate BEC and cryptomining attacks
December 12, 2023 at 06:54PM Threat actors are leveraging OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. Microsoft recommends using multi-factor authentication (MFA) and implementing security measures like conditional access policies and continuous access evaluation to defend against these malicious activities. Security teams should also prioritize enabling MFA … Read more